I'm seeing a peculiar DNS/Apache interaction. I hope
someone on the list can help.
Background
I'm running my LAN behind a router (Linksys RV042) which
provides NAT and port forwarding. Port 80 is forwarded
to a Mac Mini (Mac OS X 10.4.8), running Apache 1.3.33.
I use named (BIND 9.2.2) to provide split DNS. Here are
some details, in case they matter:
From the LAN, dig says:
cfcl.com. 259200 IN A 192.168.1.212
fido.cfcl.com. 259200 IN A 192.168.1.205
tchm.cfcl.com. 259200 IN A 192.168.1.212
From the WAN, dig says:
cfcl.com. 259200 IN A 24.221.172.174
fido.cfcl.com. (no answer)
tchm.cfcl.com. 259200 IN A 24.221.172.174
My httpd.conf file (on cfcl.com) contains:
<VirtualHost *:80>
ServerName tchm.cfcl.com
ServerAdmin rdm@xxxxxxxx
# ErrorLog /dev/null
CustomLog /dev/null common
ProxyRequests Off
ProxyPass / http://fido.cfcl.com:3002/
ProxyPassReverse / http://fido.cfcl.com:3002/
</VirtualHost>
>From various machines on the LAN, when I try pages such as
http://tchm.cfcl.com/main/about
http://tchm.cfcl.com
I see the expected pages (generated by Ruby on Rails).
Problem
When I try to access tchm.cfcl.com from an external box,
however, I get assorted errors. For example:
> % telnet tchm.cfcl.com 80
This gives me cfcl.com's home page, which is not what I was
hoping for. Digging further, I get errors such as this:
> % telnet tchm.cfcl.com 80
> Trying 24.221.172.174...
> Connected to tchm.cfcl.com.
> Escape character is '^]'.
> GET /main/about
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <HTML><HEAD>
> <TITLE>404 Not Found</TITLE>
> </HEAD><BODY>
> <H1>Not Found</H1>
> The requested URL /main/about was not found on this server.<P>
> <HR>
> <ADDRESS>Apache/1.3.33 Server at cfcl.com Port 80</ADDRESS>
> </BODY></HTML>
> Connection closed by foreign host.
/var/log/httpd/error_log on cfcl.com confirms that its copy of
Apache was the one generating the error page:
[...] [error] [client ...] File does not exist:
/Library/WebServer/web/cfcl/main/about
One notion I've been considering is that Apache's Proxying is
not actually sending requests to the other machine, getting
the replies, and then forwarding them to the browser. If,
instead, it is issuing some sort of redirect, I could see why
a machine outside wouldn't be successful in following it. If
this is the case, is there a way to cause Apache to do a real
proxy service?
However, turning on port forwarding of port 3002/TCP to fido
didn't change the responses seen by the remote system. And,
although the remote system was able to telnet into something
that acted like an HTTP server on port 3002, when I tried a
"GET /" or a "GET /main/about", I had no luck:
> % telnet cfcl.com 3002
> Trying 24.221.172.174...
> Connected to cfcl.com.
> Escape character is '^]'.
> GET /main/about
> Connection closed by foreign host.
So, I'm confused. Could someone tell me what is going on and
(more critically) how I can make things work from the WAN in
the same way they're working now on the LAN?
-r
--
http://www.cfcl.com/rdm Rich Morin
http://www.cfcl.com/rdm/resume rdm@xxxxxxxx
http://www.cfcl.com/rdm/weblog +1 650-873-7841
Technical editing and writing, programming, and web development
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|