Announcement

Collapse
No announcement yet.

Problem with accessing the FQDN of a server internally

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problem with accessing the FQDN of a server internally

    I have posted this in networking as I think its more a router issue than a server issue.

    Basically I get this problem on certain networks, but not all networks, whereby when I try and access the public FQDN, for example, mail.domain.com, that resolves to 123.123.123.123, from inside the local network, it does not work - if I ping it inside the network, it returns results for 123.123.123.123, but If I try and access outlook web access for example, it will throw up a page cannot be displayed error.

    It seems like the local network or the server is still resolving the name externally, but then the router will not allow the traffic destined for any particular port out, and then back in to the network so it blocks the connection.

    Some systems, this does not happen - FQDN can be used internally and externally.

    But on the systems where it does not work, I end up having to add a manual DNS entry on the server that resolves mail.domain.com to the local IP of the server (192.168.1.1 for example) and then normally I need to add an entry for the public website, ie www.domain.com > 234.456.567.67 or whatever.

    Im not sure if its something Im missing, or if there is a reason this is happening.

    It probably only happens on 5 out of around 40 networks that I manage.
    David Silvester
    Systems Administrator

  • #2
    Re: Problem with accessing the FQDN of a server internally

    It's called Hairpin NAT and it's perfectly normal to see as well as being specific to how a particular NAT device handles the traffic you're describing. Here's a pretty good description:

    http://wiki.mikrotik.com/wiki/Hairpin_NAT

    Comment


    • #3
      Re: Problem with accessing the FQDN of a server internally

      Originally posted by joeqwerty View Post
      It's called Hairpin NAT and it's perfectly normal to see as well as being specific to how a particular NAT device handles the traffic you're describing. Here's a pretty good description:

      http://wiki.mikrotik.com/wiki/Hairpin_NAT
      thats good to know. Im just printing that guide out now and will read through.

      Is my work around a sensible one?
      David Silvester
      Systems Administrator

      Comment

      Working...
      X