What IP address do I have

On Sep 17, 5:48 am, Bill Unruh <un...@physics.ubc.ca> wrote:
> NiteRider <d0muf...@googlemail.com> writes:
> >Hi All,
> >I have installed Suse 10,1. I am using a wireless internet service
> >from AT&T. Everything is working - but - I have made a web server and
> >I want a colleague of mine to be able to access it.
> >I do 'ifconfig' and get an IP address and send it to him. He then told
> >me that the address was for a WAN and not a LAN - oops! (I sent him
>
> Other way around. Lan is Local Area Network, while Wan is Wide area
> network.
> The numbers 192.168.x.x and 10.x.x.x are unroutable address on the world
> wide net. Any packet with those as destination are simply thrown away by
> routers on the internet. Ie, noone except on your local network can use
> them to communicate with your machine.
>
> >192.168.1.67) - see below
> >eth0 Link encap:Ethernet HWaddr 00:19:21:1F:EF:8C
> > inet addr:192.168.1.67 Bcast:192.168.1.255 Mask:
> >255.255.255.0
>
> You probably got this via dhcp from your adsl/cable/... modem
>
> > inet6 addr: fe80::219:21ff:fe1f:ef8c/64 Scope:Link
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:181912 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:103699 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:1000
> > RX bytes:155933054 (148.7 Mb) TX bytes:13910295 (13.2 Mb)
> > Interrupt:177
> >Then, I use a website "no-ip.com" to see that the IP address that they
> >think I am broadcasting from is: 76.240.78.202.
>
> Yup that is the address assigned to your router.
>
> >Of course, when trying to use it (http://76.240.78.202:8080/), it
> >stalls. Leaving me to believe that this is some kind of firewall or
> >proxy address.
>
> It is a router/modem which is not designed to pass on packets. You can do
> one of three things.
> a) forget coming in from outside.
> b) set up a vpn between your machine and his machine.
> c) set up your router to do port forwarding ( where if the router gets a
> packet for port 80 say it automatically sends it to port80 on your
> machine-- but this means that your local IP address must be stable-- ie not
> dhcp, or with the dhcp address tied to your mac address
> d) set up your router to do bridging so that your computer is also given
> the address 76.240.78.202 with all packets immediately forwarded to your
> machine.
>
> (And yes that is four points not three).
>
> >Again, I am running Suse 10.1. What can I do to allow my colleague to
> >see my web server?
>
> Is your address supplied by a router under your command ( eg from an adsl
> modem) or is it supplied from some organisation out of your command. In the
> latter case you are SOL.
>
> >TIA.

If the external address is supplied by the ISP he can still use one of
the dynamic-dns services (I use dyndns.org) together with port-
forwarding to make the web-site publicly available.

On Sep 17, 3:59 am, NiteRider <d0muf...@googlemail.com> wrote:
> Hi All,
>
> Thanks for all the responses :-) I did some search on the net and
> found a thread (the link is listed below) of someone in a similar
> situation: 2Wire gateway, Linux OS,
>
> Basically, more information is as follows:
>
> gandolf:~ # route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags
> Metric Ref Use Iface
> 192.168.1.0 0.0.0.0 255.255.255.0 U
> 0 0 0 eth0
> 127.0.0.0 0.0.0.0 255.0.0.0
> U 0 0 0 lo
> 0.0.0.0 192.168.1.254 0.0.0.0 UG
> 0 0 0 eth0
>
> According to the thread below,http://groups.google.com/group/comp..../browse_thread...
>
> The line:
>
> 0.0.0.0 192.168.1.254 0.0.0.0 UG
> 0 0 0 eth0
>
> Should allow for my colleague to connect to my web server on my Linux
> box but this is not working. Is there something else that needs to be
> done? Is the table correct?
>
> TIA,
> KR

Internet <---> | Router | <---> | Server |

Your router has 2 interfaces, each with it's own IP address.
The interface which is connected to the internet has it's IP address
allocated by the ISP to which it connects (76.240.78.202).
The internal IP of the router is usually setup as a non-routable
address (packets addressed to a non-routable address are just dropped
if you try to send them over the internet - this means we can all use
these addresses on out internal networks without fear of interfering
with anybody outside). This internal interface is generally the
gateway address you see as the default gateway in the 'route' command.
Packets sent from your server go via the router and out to their
detination somewhere on the internet, the router keeps a note of all
'conversations' started in this way and automatically routes the
replies back through it's internal interface and on to your computer.
However, packets arriving at the router which are not part of an
ongoing conversation started by you are just dropped by the router as
it doesn't know what to do with them.
You need to tell you router that a packet arriving from the internet
with a destination port of 8080 is really intended for the web-server
inside your network. This is known as 'port-forwarding' (for obvious
reasons) and requires configuration of your router.
You can usually configure the port-forwarding on your router by
pointing your web-browser at the ip address of the internal interface
of your router (http://192.168.1.254).
While configuring your network in this way it's best to disable any
firewall you may have on the local machine - you need to know where
your problems lie.

[Crosspost removed]

Hello,

Andy Ruddock a écrit :
>
> The internal IP of the router is usually setup as a non-routable
> address

s/routable/globally routed/
Private addresses are routable but not globally routed.

E.g.
192.168.0.0/16 = private, non globally routed on the public internet
169.254.0.0/16 = link local, non routable through any router

> (packets addressed to a non-routable address are just dropped
> if you try to send them over the internet

This is for a non globally routed address. Packets addressed to a non
routable address are dropped if you try to send them through any router,
on the public internet or in a private network.

> - this means we can all use
> these addresses on out internal networks without fear of interfering
> with anybody outside).

Until two or more of these private networks are privately
interconnected, e.g. through a VPN over the public internet, a dedicated
link... This is a reason why IPv6 "site local" addresses were deprecated
and replaced with globally unique local addresses.

> This internal interface is generally the
> gateway address you see as the default gateway in the 'route' command.
> Packets sent from your server go via the router and out to their
> detination somewhere on the internet, the router keeps a note of all
> 'conversations' started in this way and automatically routes the
> replies back through it's internal interface and on to your computer.
> However, packets arriving at the router which are not part of an
> ongoing conversation started by you are just dropped by the router as
> it doesn't know what to do with them.

This is not true in all cases. Particularly this is not true for a
Linux-based router. Linux knows how to route an incoming packet which is
not part of an ongoing conversation. The fact that by default such a
packet which is not addressed to the server has no reason to be routed
to the server is a totally different matter.

NiteRider wrote:

> Hi All,
>
> I have installed Suse 10,1. I am using a wireless internet service
> from AT&T. Everything is working - but - I have made a web server and
> I want a colleague of mine to be able to access it.
>
> I do 'ifconfig' and get an IP address and send it to him. He then told
> me that the address was for a WAN and not a LAN - oops! (I sent him
> 192.168.1.67) - see below
>
>
> eth0 Link encap:Ethernet HWaddr 00:19:21:1F:EF:8C
> inet addr:192.168.1.67 Bcast:192.168.1.255 Mask:
> 255.255.255.0
> inet6 addr: fe80::219:21ff:fe1f:ef8c/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:181912 errors:0 dropped:0 overruns:0 frame:0
> TX packets:103699 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:155933054 (148.7 Mb) TX bytes:13910295 (13.2 Mb)
> Interrupt:177
>
> Then, I use a website "no-ip.com" to see that the IP address that they
> think I am broadcasting from is: 76.240.78.202.
>
> Of course, when trying to use it (http://76.240.78.202:8080/), it
> stalls. Leaving me to believe that this is some kind of firewall or
> proxy address.
>
> Again, I am running Suse 10.1. What can I do to allow my colleague to
> see my web server?
>
> TIA.

I see a lot of replies to your query but this is the one I use as it is
simple and works. Copy the following in a text editor and save as some
convenient name. I use "whatismyip.sh" . Then I created a desktop
shortcut to this shell script with a nice icon I chose. So save the shell
script somewhere you wont erase it. Then right click on the desktop and
choose 'create new link to application. In the dialog that appears you can
first choose an icon and title which should be something like "What Is My
IP". On the 'Application tab next to the Command box click on the 'Browse
button and navigate to the script you saved. Double click on it to select
it. Now back at the 'Application' tab click on the 'Advanced Options'
button and select [x] Run in terminal and then select [x] Do not close when
command exits. Click OK. that should do it. You'll have to manually
close the window when you are done reading the ip address.

Here's the script: (leave off the dotted lines !)

-----------------------------------------------------------------

#!/bin/sh

echo "My Internet IP is: "`wget -qO- http://checkip.dyndns.org/ | sed 's|.*
\([[:digit:]]*\.[[:digit:]]*\.[[:digit:]]*\.[[:digit:]]*\).*|\1|'`

-------------------------------------------------------------------

Just copy and paste into the editor of your choice. I still use Nedit as It
is powerful enough for most things and easy to use and learn.

P.S. This script works for me. I have a dsl modem from SBC and a Linksys
switch so this scipt makes getting my 'actual' IP easy. It's fast and
reliable.

Enjoy :-)

Hi All,

I just wrote a reply but I think it got lost - so - here we go
again :-)

I have struck gold here! Yippee! Basically, the task has been
accomplished.

I spoke with a guy from AT&T, he said that the only way for me to
accomplish what was needed, was for me to order a static IP from AT&T.
He said that the IP forwarding "doesn't work like that".

Then, I spoke to a rep from 2WIRE. With his help, the problem was
solved. To do it, what I had to do was:

1. Fix the port forwarding so that the port 8080 of the router is
associated with 8080 of the Linux box. Before,
I had it as port 80 of the router associated with 8080 of the
linux box. I guess that this did not work because
(to my understanding), port 80 is normally reserved for web
servers.

2. The hint that he gave me to solve this mess was to turn off the
firewall on my linux system! I had forgotten
that it was there. I think that Suse 10.1 activates automatically
- but I am not totally sure. Anywho, THAT
was the lynchpin and by shutting it off, all worked well.

I followed the inputs/instructions at the www.2wire.com site. There is
a .pdf file for how to configure the router. Basically, I just added a
new definintion called "Server Port" and defined it as mentioned in
step (1) above. I the application definition to the linux box.

Well, I think (at least so far), this puppy can be put to rest.

THANKS AGAIN GUYS!

KR

Andy Ruddock <andy.ruddock@gmail.com> writes:

>On Sep 17, 5:48 am, Bill Unruh <un...@physics.ubc.ca> wrote:
>> NiteRider <d0muf...@googlemail.com> writes:
>> >Hi All,
>> >I have installed Suse 10,1. I am using a wireless internet service
>> >from AT&T. Everything is working - but - I have made a web server and
>> >I want a colleague of mine to be able to access it.
>> >I do 'ifconfig' and get an IP address and send it to him. He then told
>> >me that the address was for a WAN and not a LAN - oops! (I sent him
>>
>> Other way around. Lan is Local Area Network, while Wan is Wide area
>> network.
>> The numbers 192.168.x.x and 10.x.x.x are unroutable address on the world
>> wide net. Any packet with those as destination are simply thrown away by
>> routers on the internet. Ie, noone except on your local network can use
>> them to communicate with your machine.
>>
>> >192.168.1.67) - see below
>> >eth0 Link encap:Ethernet HWaddr 00:19:21:1F:EF:8C
>> > inet addr:192.168.1.67 Bcast:192.168.1.255 Mask:
>> >255.255.255.0
>>
>> You probably got this via dhcp from your adsl/cable/... modem
>>
>> > inet6 addr: fe80::219:21ff:fe1f:ef8c/64 Scope:Link
>> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> > RX packets:181912 errors:0 dropped:0 overruns:0 frame:0
>> > TX packets:103699 errors:0 dropped:0 overruns:0 carrier:0
>> > collisions:0 txqueuelen:1000
>> > RX bytes:155933054 (148.7 Mb) TX bytes:13910295 (13.2 Mb)
>> > Interrupt:177
>> >Then, I use a website "no-ip.com" to see that the IP address that they
>> >think I am broadcasting from is: 76.240.78.202.
>>
>> Yup that is the address assigned to your router.
>>
>> >Of course, when trying to use it (http://76.240.78.202:8080/), it
>> >stalls. Leaving me to believe that this is some kind of firewall or
>> >proxy address.
>>
>> It is a router/modem which is not designed to pass on packets. You can do
>> one of three things.
>> a) forget coming in from outside.
>> b) set up a vpn between your machine and his machine.
>> c) set up your router to do port forwarding ( where if the router gets a
>> packet for port 80 say it automatically sends it to port80 on your
>> machine-- but this means that your local IP address must be stable-- ie not
>> dhcp, or with the dhcp address tied to your mac address
>> d) set up your router to do bridging so that your computer is also given
>> the address 76.240.78.202 with all packets immediately forwarded to your
>> machine.
>>
>> (And yes that is four points not three).
>>
>> >Again, I am running Suse 10.1. What can I do to allow my colleague to
>> >see my web server?
>>
>> Is your address supplied by a router under your command ( eg from an adsl
>> modem) or is it supplied from some organisation out of your command. In the
>> latter case you are SOL.
>>
>> >TIA.

>If the external address is supplied by the ISP he can still use one of
>the dynamic-dns services (I use dyndns.org) together with port-
>forwarding to make the web-site publicly available.

Sure, but first he must use port forwarding, if he can actually get at the
router to set that. If the router is out of his control (it sounds like it
is not-- it is a 2wire I assume dsl modem/router), then he is SOL. If it is
in his control, he may be able ( after negotiating the user manual of the
modem) to enable port forwarding. That is the hard part.

milkyway <d0mufasa@hotmail.com> writes:

>Hi All,

>I just wrote a reply but I think it got lost - so - here we go
>again :-)

>I have struck gold here! Yippee! Basically, the task has been
>accomplished.

>I spoke with a guy from AT&T, he said that the only way for me to
>accomplish what was needed, was for me to order a static IP from AT&T.
>He said that the IP forwarding "doesn't work like that".

Yes, he would wouldn't he. STatic addresses cost more.
Also static addresses are static, which means that your public IP does not
change each time the connection is brought up again.



>Then, I spoke to a rep from 2WIRE. With his help, the problem was
>solved. To do it, what I had to do was:

>1. Fix the port forwarding so that the port 8080 of the router is
>associated with 8080 of the Linux box. Before,
> I had it as port 80 of the router associated with 8080 of the
>linux box. I guess that this did not work because
> (to my understanding), port 80 is normally reserved for web
>servers.

>2. The hint that he gave me to solve this mess was to turn off the
>firewall on my linux system! I had forgotten
> that it was there. I think that Suse 10.1 activates automatically
>- but I am not totally sure. Anywho, THAT
> was the lynchpin and by shutting it off, all worked well.

>I followed the inputs/instructions at the www.2wire.com site. There is
>a .pdf file for how to configure the router. Basically, I just added a
>new definintion called "Server Port" and defined it as mentioned in
>step (1) above. I the application definition to the linux box.

>Well, I think (at least so far), this puppy can be put to rest.

Great.

>THANKS AGAIN GUYS!

>KR

On Sep 17, 4:11 pm, Pascal Hambourg <boite-a-s...@plouf.fr.eu.org>
wrote:
> [Crosspost removed]
>
> Hello,
>
> Andy Ruddock a écrit :
>
>
>
> > The internal IP of the router is usually setup as a non-routable
> > address
>
> s/routable/globally routed/
> Private addresses are routable but not globally routed.
>
> E.g.
> 192.168.0.0/16 = private, non globally routed on the public internet
> 169.254.0.0/16 = link local, non routable through any router
>
> > (packets addressed to a non-routable address are just dropped
> > if you try to send them over the internet
>
> This is for a non globally routed address. Packets addressed to a non
> routable address are dropped if you try to send them through any router,
> on the public internet or in a private network.
>
> > - this means we can all use
> > these addresses on out internal networks without fear of interfering
> > with anybody outside).

My bad, poor explanaition

> Until two or more of these private networks are privately
> interconnected, e.g. through a VPN over the public internet, a dedicated
> link... This is a reason why IPv6 "site local" addresses were deprecated
> and replaced with globally unique local addresses.

I suffer from this precise problem, two vpn's to which I'd like to
connect both insist on the same subnet. One at a time only.

> > This internal interface is generally the
> > gateway address you see as the default gateway in the 'route' command.
> > Packets sent from your server go via the router and out to their
> > detination somewhere on the internet, the router keeps a note of all
> > 'conversations' started in this way and automatically routes the
> > replies back through it's internal interface and on to your computer.
> > However, packets arriving at the router which are not part of an
> > ongoing conversation started by you are just dropped by the router as
> > it doesn't know what to do with them.
>
> This is not true in all cases. Particularly this is not true for a
> Linux-based router. Linux knows how to route an incoming packet which is
> not part of an ongoing conversation. The fact that by default such a
> packet which is not addressed to the server has no reason to be routed
> to the server is a totally different matter.

That's why you have to enable and configure port-forwarding, which is
the whole purpose of this thread.