Re: Life getting to complicated?
- Date: Tue, 23 Apr 2019 01:35:43 +0100
- From: Mark Rousell <mark.rousell@xxxxxxxxxxxxx>
- Subject: Re: Life getting to complicated?
On 22/04/2019 23:29, Lester Caine wrote:|
Thanks that was the kick I needed ...
I'm glad that sent you in the right direction. :-)
The thread you linked to makes interesting reading, as does your experience with Netgear tech support. Sadly, it looks like their tech support is not all that knowledgable. And, worse, Netgear doesn't seem interested in fixing an obvious bug. One can only presume they take the view that relatively few people will notice this sort of bug so why bother. It's not what one would hope for.
What router are you going with now? If you already run your own server(s) then you might consider a two box solution such as a VDSL modem with an OPNSense router/firewall. Alternatively you could flash a commercial router with DD-WRT or similar, if you fancy.
The problem with that is there are multiple websites all resolved to the public IP address. One can't simply use the local IP address to access them? One has to have 'NAT Loopback' working in this case, which it does no the older Netgear D6220 and all the BT Hubs ... It's just a pity that all of them seem to have some problem ...
Yes, you can almost certainly work around it. It's fine that the sites' domain/host names resolve to the public IP address. As you found, that works fine for public external access even without NAT loopback working.
However, the PHP scripts running on the server all natively see the server from the private side of the LAN. E.g. Where a script currently tries to access "server.mydomain.com" then it could instead access "192.168.1.34", the private IP address of the server. In brief, there's no need for scripts running on a host on the private LAN to use public domain names or IP addresses; they can just use private LAN IP addresses to reach other LAN servers and thus avoid the need for NAT loopback. This of course does not prevent external users from accessing the servers via the public IP address.
If some of the script access other websites or servers using HTTP (which obviously presumes the use of host headers) then you can just add the private IP address of the server to the host headers entry of the web server configuration.
If you provide more details of the PHP you're using then I can be more specific about what to change.
-- Mark Rousell