Author Topic: Network problems (Ports and all)  (Read 7079 times)

colinjones

Re: Network problems (Ports and all)
« Reply #15 on: February 03, 2008, 11:02:14 pm »
Skerit

You have said that your core is set up with internal and external on the same subnet. So the core's DHCP server also needs to be giving out IP addresses on that same subnet.

Therefore, nothing needs to "go through" the core to get to your "internal" machines as they are effectively simultaneously on both the internal and external subnets. This means that your so-called internal machines are perfectly routable from your physical broadband router - the reason you are having problems is because you are trying to force your traffic from the broadband router to the core and then back to your internal network - but the internal network is the same subnet as your external network, so it isn't possible to route that way (or at least it would be complex to set up, using route metrics).

But more importantly, there is no point in doing this anyway. If you are trying to get external traffic to a machine that is on your "internal" network (e.g. you are trying to publish a web site), just set up a NAT on your router directly to the machine's IP address. It doesn't matter that the core thinks that this is "internal"; they are all actually on the same switching domain and subnet, so the traffic will go directly from your broadband router to the machine. The only problem you will have is that the address is dynamic from the core, but you would have this problem even if you were sending the traffic through your core. On the upside, once LMCE has assigned an IP address to your machine, it will pretty much stay the same indefinitely as it recognises the machine by its MAC address and assigns the same one every time.

Having internal and external on the same subnet and effectively using the same NIC does work with LMCE (I had it running for a while in a single NIC installation) but I think you will find it confusing, and LMCE certainly does - it discovers itself via the DHCP pnp process and presents its own internal HDD as a remote network share to you (called DCEROUTER); you just need to tell it to ignore that server.

You would find it much more straightforward to set it up as 2 separate physical networks with the correct separate subnets, and then just buy a wireless AP for the internal network to get around your cabling issue.

BTW - when in the "correct" (as designed) config, you will need your firewall turned on in many situations as most broadband routers cannot NAT (port forward, virtual server, and a number of other names!) to remote subnets. So you need to NAT/port-forward to the external IP address of the Core, then set up a port-forward rule on the Core to send the traffic to the backend - this works very well and is easy to set up. If you were just routing (i.e. not NATting/port-forwarding from the Internet) then Linux will happily do this on its own, without the firewall function. But if you do leave the firewall on, then you will have to create a normal firewall rule instead, to allow the traffic through.

What traffic are you actually trying to get through??

teddydov

Re: Network problems (Ports and all)
« Reply #16 on: May 23, 2008, 05:08:22 pm »
Hello all,
I see this post was left alone for a while and I want to know if the issue was ever solved.

I have the same problem - trying to use Azureus and having NAT issues.

I have a single router going to my Core/hybrid and all the computers are in the internal Network (the core).

I tried using port forwarding, turning off the firewalls (on both), DMZ, etc. and nothing seems to work.

If this issue was solved I would love to know how. If not, I would love to know what I can do to solve it.

Just to be clear:
My router is on 192.168.1.1 - feeding in my internet connection.
I have disabled the DHCP on the router.
The core has a static IP address from the router.
All the computers (and other hardware) get their IP address from the Core, meaning the computer has a 192.168.80.* IP address.

Any help would be greatly appreciated

-Dov

colinjones

Re: Network problems (Ports and all)
« Reply #17 on: May 24, 2008, 01:46:39 am »
No idea if it was fixed, but...

1. You don't need to turn off your DHCP on your broadband router, this will not interfere with your internal LMCE network (whether or not your core firewall is on, as DHCP is an ethernet broadcast, so cannot pass into your LMCE network) - it doesn't need to be on, it's up to you. If you want other devices on your external network it would be easier if it is on, but if you are comfortable just assigning a static IP to the core external NIC, then that is fine too.

2. I believe that most broadband routers have difficulty NAT'ing to remote subnets - meaning that you can NAT to an address on your 192.168.1.0/24 network, but probably not all the way through to your 192.168.80.0/24 network.

3. To get around this you need to have the core firewall turned on so that it can port forward for you. Then set up the broadband router to NAT your torrent port (pick a random one above 1024) to your core's external IP address (the static one you assigned).

4. Now in the core's web admin, go to the firewall config and configure a TCP port_forward rule from the port you chose above to the IP address of the torrent client on your internal network.

5. Set up Azureus to use that port and use the check NAT option to test it.. voila!

BTW - apparently 0710 now has upnp client and server - not sure exactly what it does, but if it intelligently mediates the upnp between the two subnets and creates upnp rules then all this would become unnecessary! Someone else will have to advise on that....
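
Added example, not part of the original thread and not LinuxMCE's own code: the port-forward from step 4 of Reply #17 written as the generic netfilter rules a Linux gateway would use, scoped to one TCP port and one host on 192.168.80.0/24 rather than a DMZ or a disabled firewall. The interface name `eth0`, the port 51413 and the host 192.168.80.130 are assumptions; the script only prints the rules and does not apply them.

```shell
#!/bin/sh
# Added example: prints (does not apply) rules equivalent to the step-4 forward.
# Assumptions: eth0 is the core's external NIC; internal LAN is 192.168.80.0/24.

EXT_IF="${EXT_IF:-eth0}"

# Succeeds only for a whole number in 1025-65535 ("above 1024" in step 3).
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1025 ] && [ "$1" -le 65535 ]
}

# Succeeds only for a host address inside 192.168.80.0/24.
valid_internal_ip() {
    case "$1" in
        192.168.80.*) ;;
        *) return 1 ;;
    esac
    last="${1#192.168.80.}"
    case "$last" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#last}" -le 3 ] && [ "$last" -ge 1 ] && [ "$last" -le 254 ]
}

# Usage: forward_rules PORT INTERNAL_IP
forward_rules() {
    port="$1"; dest="$2"
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    valid_internal_ip "$dest" || { echo "bad target: $dest" >&2; return 1; }
    # Rewrite the destination of packets arriving on the external NIC.
    echo "iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport $port -j DNAT --to-destination $dest:$port"
    # Let only that one flow through the firewall; everything else stays blocked.
    echo "iptables -A FORWARD -i $EXT_IF -p tcp -d $dest --dport $port -j ACCEPT"
}

# Constructed sample values: torrent port 51413, client at 192.168.80.130.
forward_rules 51413 192.168.80.130
```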