Networking question.

Post a reply


This question is a means of preventing automated form submissions by spambots.
Smilies
:smile: :sad: :eek: :shock: :cool: :-x :razz: :oops: :evil: :twisted: :wink: :idea: :arrow: :neutral: :mrgreen:
BBCode is ON
[img] is ON
[url] is ON
Smilies are ON
Topic review
   

Expand view Topic review: Networking question.

by Ice Cream Jonsey » Tue Aug 11, 2015 9:55 am

pinback wrote:Alright, I bought this for $70:



I look forward to hearing why that was totally the wrong thing.
You fool!

No, that's perfect. Goddamn, I've got two at my house AND a BeagleBone and I want to buy another one to set it up.

by pinback » Tue Aug 11, 2015 9:47 am

Well, I already have the webserver running on my local linux box, that's how this problem came up in the first place.

But yeah, http://nightowlx.net is hosted on my box, as well as everything that it links to. (Which is everything I've ever done.)

Once the pi arrives I will move the nginx config over there and have it handle it.

by RealNC » Tue Aug 11, 2015 9:24 am

For a web server, any Pi will do, really, even the crappiest you can find.

$70 in order to avoid network configuration hell and also being able to power off your PC, is a small price to pay, imo.

On the other hand, you will now have to deal with setting up a Linux web server and keeping the new system up to date.

by pinback » Tue Aug 11, 2015 4:44 am

Alright, I bought this for $70:



I look forward to hearing why that was totally the wrong thing.

by pinback » Mon Aug 10, 2015 6:29 pm

can someone just tell me what to buy

by Flack » Mon Aug 10, 2015 5:16 pm

Let the record show I suggested you buy a Raspberry Pi back in May.

http://www.joltcountry.com/phpBB2/viewtopic.php?t=9649

Also let the record show that every single active poster on JC disagreed with me. Except for Tdarcos, who I think was dealing with coconut balls or something.

by pinback » Mon Aug 10, 2015 4:31 pm

More computers! Got it! CAN DO!

What is the best raspberry pi anymore and how do I serve webs from there? A flash drive or something?

by RealNC » Mon Aug 10, 2015 3:27 pm

Or get a Pi and run the server there.

by The Happiness Engine » Mon Aug 10, 2015 2:02 pm

Look, don't try to do these two things at the same time. It's not the answer you want, but it's the sane answer unless you want to become a network engineer. Run more computers, or virtual machines, or something, but splitting all your routing around will become just more and more nightmarish.

by pinback » Mon Aug 10, 2015 11:42 am

Excellent. However, I now realize that it doesn't quite work, as I'm unable to reach private IPs on the remote network.

So close!

by RealNC » Mon Aug 10, 2015 8:58 am

Wait, I didn't explain why that was a problem with running a web server...

The issue is that a computer tries to connect to your web server by using your IP and the appropriate port. Say, 1.1.1.1:80. That step works just fine. The bytes are sent by that remote computer to 1.1.1.1, and they are received by your modem. The router then takes them and sends them to your desktop computer (because you forwarded port 80). The web server sees those bytes, and replies back. That reply, however, is taken by OpenVPN and send to the VPN server. The VPN server, which has a different IP, say 2.2.2.2, then forwards them to the remote computer that initiated the connection.

So what the remote computer sees, is that some bytes arrived from IP 2.2.2.2, even though it tried to connect to 1.1.1.1. It expects an answer from 1.1.1.1, but the answer came from 2.2.2.2. That doesn't work. The remote computer ignores that reply, because it came from a different place.

by RealNC » Mon Aug 10, 2015 8:42 am

Some documentation on this:

https://community.openvpn.net/openvpn/w ... ectGateway

by RealNC » Mon Aug 10, 2015 8:41 am

This option is there to disallow traffic being redirected (routed) to the VPN, unless that traffic is going towards the VPN network (its subnet) to begin with.

Normally, everything goes through the VPN. When watching porn, the VPN server is actually downloading the porn and then sends it your way. The porn site doesn't see you, it only sees the VPN server. When connecting to a workplace network, you want to avoid that. When connecting to a "hide my identity" type of VPN service, then you want that.

The default settings assume you want the latter (hiding your identity) rather than the former (connecting to your workplace.)

by pinback » Mon Aug 10, 2015 6:55 am

Christ, it (adding "route-nopull") to the client file worked.

You are the MAN!!

Can you explain to a moron (me) what that actually means/does?

by pinback » Mon Aug 10, 2015 6:49 am

RealNC wrote:Are you using VPN as a way to mask your IP when using the Internet, or as a way to access the network the computer running the VPN server is on?
The latter.
If it's the latter, then all you need to do is remove the "redirect-gateway" option from the OpenVPN configuration.
No shit?!

by RealNC » Mon Aug 10, 2015 6:25 am

Also, post your OpenVPN config file here.

by RealNC » Mon Aug 10, 2015 6:14 am

Are you using VPN as a way to mask your IP when using the Internet, or as a way to access the network the computer running the VPN server is on?

If it's the latter, then all you need to do is remove the "redirect-gateway" option from the OpenVPN configuration.

If it's the former, then it gets complicated.

by pinback » Mon Aug 10, 2015 4:41 am

can...

can u do that 4 me??

by Flack » Sun Aug 09, 2015 7:55 pm

I've never specifically used OpenVPN. That being said, I assume once you establish a VPN connection it is either (a) changing your IP address or (b) there's no network route for incoming packets to find the web server, at which point you would need the two on two different subnets and some way to route traffic between the two.

by AArdvark » Sun Aug 09, 2015 7:33 pm

That's like a whole 'nother language.


THE
SPEEK ENGLISH
AARDVARK

Top