Can't connect local server by public domain name

0

I have my server (Debian Wheezy) in my local home network. On that server I have my own DNS server (dnsmasq) for other local servers (so I can type name instead of local IP) and reverse proxy (nginx). On my router I configured forwarding of 80 & 443 ports to my reverse proxy and everything works just great. But only from outside of my network.

When I type myaddress.com registered in public DNS servers somewhere else, it's fine. But when I type it from my local address, I got nothing. I can access it only by typing local name or IP. By nothing I mean "no data received". For example:

$ wget myaddress.com
--2016-06-01 19:53:46--  http://myaddress.com/
Resolving myaddress.com... 80.243.xx.yy
Connecting to myaddress.com|80.243.xx.yy|:80... connected.
HTTP request sent, awaiting response... No data received.
Retrying.

But when I access it by local IP:

$ wget myaddress.local
--2016-06-01 19:57:13--  http://myaddress.local/
Resolving myaddress.local... 192.168.0.111
Connecting to 192.168.0.111... connected.
HTTP request sent, awaiting response... 200 OK

In nginx log I can see that request was received and also it responded. So I used tcpdump to check out what's happening. Normal dump when accessing from outside my network:

19:37:31.455120 IP myphone > mylocalreverseproxy: Flags [P.], seq 1824665393:1824665988, ack 2996933611, win 336, options [nop,nop,TS val 1206547844 ecr 217767803], length 595
E....F..,.)0B.]....e...Pl./1.......P.......
G.u....{GET / HTTP/1.1
Host: myaddress.com
...other headers...

19:37:31.455241 IP mylocalreverseproxy > myphone: Flags [P.], seq 1:725, ack 595, win 55, options [nop,nop,TS val 217767807 ecr 1206547844], length 724
E...L.@.@.._...eB.]..P......l.1....7.......
....G.u.HTTP/1.1 404 Not Found
Server: nginx/1.8.0
Date: Wed, 01 Jun 2016 17:37:31 GMT

And tcpdump when I try to access it within the local network:

19:35:25.085344 IP localchromebook > mylocalreverseproxy: Flags [P.], seq 0:390, ack 1, win 115, options [nop,nop,TS val 537594624 ecr 217735412], length 390
E...-M@.>..........e...P.v.4...Y...s.......
 .....`.GET / HTTP/1.1
Host: myaddress.com
...other headers...

And nothing. Resp. another try within a few moments. And another, and so on.

I'm not an admin so I'm not sure what to try and where to look next to see what's wrong and fix it. I should note that about a year ago it was working just fine, but one day it started to do this and I haven't been able to fix it since. What would you recommend to try?

horejsek

Posted 2016-06-01T18:23:55.610

Reputation: 103

2

The problem here has nothing to do with DNS or your hostname, the problem is because you are trying to do a hairpin NAT. Some home routers support that, some don't. I'd suggest trying your question on a site that is targeting home/end users. Serverfault does not. – yoonix – 2016-06-01T18:30:25.680

Maybe you should have a look at: http://serverfault.com/questions/216569/cant-ping-static-ip-from-internal-network-only-from-outside This should simply explain your problem. – pat1 – 2016-06-01T18:35:02.597

Answers

1

Your router likely doesn't support "NAT Reflection", also called "Hairpin NAT" or "NAT Loopback".

This means that the requests to your public IP address from inside your own network are either not sent to the server at all or are sent to the server with the wrong "Respond-to" IP address, causing "Triangular Routing" which your computer can't handle.

Your router may have a setting that allows you to turn on NAT Reflection. Otherwise, the only way to solve this is with "Split DNS" - setting up DNS in your network to return your server's private IP instead of its public IP.

Moshe Katz

Posted 2016-06-01T18:23:55.610

Reputation: 2 706

I don't know why I couldn't come up with putting more aliases into /etc/hosts and skipping public DNS. It's really weird that it worked before without it, but that's something that will stay unresolved. The important thing is it works now. Thank you! – horejsek – 2016-06-01T18:53:30.353
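
The address mismatch described in the answer, as an added example that is not part of the original thread: a simplified model of one LAN request under plain port forwarding, NAT reflection, and split DNS. Only 192.168.0.111 comes from the question; the other addresses and all function names are constructed for illustration.

```python
from dataclasses import dataclass, replace

PUBLIC_IP = "203.0.113.10"   # constructed stand-in for the masked public address
ROUTER_LAN = "192.168.0.1"   # constructed: router's LAN-side address
SERVER = "192.168.0.111"     # reverse proxy address from the question
CLIENT = "192.168.0.50"      # constructed: a LAN client

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

def router_forward(pkt: Packet, hairpin: bool) -> Packet:
    """Apply the port-forward rule to a packet arriving at the router."""
    if pkt.dst != PUBLIC_IP:
        return pkt                            # LAN-to-LAN traffic is left untouched
    pkt = replace(pkt, dst=SERVER)            # DNAT: public IP -> server
    if hairpin:
        pkt = replace(pkt, src=ROUTER_LAN)    # NAT reflection also rewrites the source
    return pkt

def lan_request(target: str, hairpin: bool = False):
    """Model one request from CLIENT; return (reply as seen by client, accepted?)."""
    request = Packet(src=CLIENT, dst=target)
    seen_by_server = router_forward(request, hairpin)
    reply = Packet(src=SERVER, dst=seen_by_server.src)  # server answers the source it saw
    if reply.dst == ROUTER_LAN:
        # Reply returns via the router, which undoes both translations.
        reply = Packet(src=PUBLIC_IP, dst=CLIENT)
    # A TCP stack matches replies to the address it connected to; others are discarded.
    accepted = reply.dst == CLIENT and reply.src == target
    return reply, accepted

if __name__ == "__main__":
    cases = {
        "public IP, no NAT reflection": lan_request(PUBLIC_IP, hairpin=False),
        "public IP, NAT reflection on": lan_request(PUBLIC_IP, hairpin=True),
        "split DNS (private IP)": lan_request(SERVER),
    }
    for name, (reply, ok) in cases.items():
        print(f"{name:30} reply {reply.src} -> {reply.dst}  accepted={ok}")
```

With split DNS the client connects to the private address directly, so the router's NAT behaviour no longer matters for LAN clients.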