Ok my title is a little bit convoluted. Allow me to explain.
I have a server in my LAN that listens for HTTP connections at, let's say, 192.168.1.10:1234. I can access this address from my other computers and everything works as expected.
Now, to access this server from the Internet, I have forwarded the port 5678 to the port 1234. If I go to a PC outside my house and enter 62.62.62.62:5678 (my ISP address with the forwarded port) in the web browser, I am able to access my server.
If I do the exact same thing from within my LAN, I get a timeout error.
What is wrong here?
(I am a newbie in networking so please forgive my ignorance.)
Answer
It is possible to access your internal server using the router's public IP address/forwarded port, but your router must support loopback network address translation (a.k.a. hairpin NAT) and be configured accordingly.
Without loopback translation in effect, IP packets destined for your router's public IP address will arrive on its private network interface. Here the packets are simply dropped, usually because the router requires packets destined for its public IP address to arrive on its physical WAN interface (there are other possible ways this traffic may be handled, including NAT occurring, but the end result is always that the connection cannot be completed).
However, with loopback translation configured, when the packets destined for the public address arrive on the private interface, their destination address will be rewritten to be that of the internal server. Then the normal port translation will be applied, further resulting in the destination port being rewritten as well.
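An added example, not part of the original answer: a small Python model of the three outcomes a LAN client can see when it dials the router's public address. It goes beyond the answer by also modelling the source rewrite a router applies in hairpin NAT when client and server share a subnet, so that the reply returns through the router. The router LAN address 192.168.1.1 and the client 192.168.1.20:40000 are assumed values; the other addresses are the ones from the question.

```python
from dataclasses import dataclass, replace

# Addresses from the question; ROUTER_LAN and CLIENT are assumed for illustration.
PUBLIC = ("62.62.62.62", 5678)     # router WAN address and forwarded port
SERVER = ("192.168.1.10", 1234)    # internal HTTP server
ROUTER_LAN = "192.168.1.1"         # assumed router LAN address
CLIENT = ("192.168.1.20", 40000)   # assumed LAN client and ephemeral port

@dataclass(frozen=True)
class Packet:
    src: tuple
    dst: tuple

def connect_from_lan(mode):
    """Return (outcome, reply) for a LAN client dialing PUBLIC.

    mode: "none"    no loopback translation
          "dnat"    destination rewrite only
          "hairpin" destination rewrite plus source rewrite
    """
    syn = Packet(src=CLIENT, dst=PUBLIC)
    if mode == "none":
        # Packet for the public address arrives on the LAN interface: dropped.
        return "timeout: dropped at router", None
    # Loopback translation: destination address and port become the server's.
    fwd = replace(syn, dst=SERVER)
    if mode == "hairpin":
        # Source becomes the router, so the reply must come back through it.
        fwd = replace(fwd, src=(ROUTER_LAN, CLIENT[1]))
    reply = Packet(src=fwd.dst, dst=fwd.src)   # server answers whoever it saw
    if reply.dst[0] == ROUTER_LAN:
        # Router reverses both translations before delivering to the client.
        reply = Packet(src=PUBLIC, dst=CLIENT)
    # The client only accepts a reply from the address it originally dialed.
    if reply.src == syn.dst and reply.dst == syn.src:
        return "connected", reply
    return "timeout: reply from unexpected source", reply

if __name__ == "__main__":
    for mode in ("none", "dnat", "hairpin"):
        print(mode, "->", connect_from_lan(mode))
```

In the "dnat" case the server's reply goes straight to the client with source 192.168.1.10:1234, which does not match the 62.62.62.62:5678 the client dialed, so the connection still cannot complete.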