|
Posted by Patient Guy on March 3, 2008, 1:03 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>> 1. I have a (wireless) router set up in "gateway mode." Hosts on the
>> LAN are dynamically assigned 192.168.1.x addreses [...]
>
>> 2. When I interface with the router (via web interface) to check for
>> its WAN IP assignment, I get to my astonishment the following:
>> IP Address: 10.202.46.2
>
>> Of course, I am astonished because 10.x.x.x. are also designated for
>> private LAN and not Internet IP addresses, right?
>
> Yes. Your ISP appears to be using 10.* addresses for its own network.
> This is perfectly acceptable, provided they are hidden from the rest
> of the Internet. The potential downside is that you can't have inbound
> connectivity to your network.
>
>
>> 4. I have access to a host "on the Internet" (169.237.x.x) [...]
>
> University of California, Davis UCDAVIS2 (NET-169-237-0-0-1)
> 169.237.0.0 - 169.237.255.255
>
>> This remote host is running FileZilla ftp server and I can monitor
>> attempts to connect and IP addresses. When I attempt to use FireFTP
>> (an "extension" creating an ftp client within the FireFox http
>> client), the FileZilla server monitor on the remote host reports that
>> my IP address is 64.30.y.y, and not 10.202.46.2, which is consistent
>> with my understanding that 10.x.x.x addresses are private.
>
> It's quite possible that your 64.30.* address is part of the public IP
> address range for UCD.
don't think so. This is what the FileZilla server on the UCD host is
showing during attempts to make an FTP connection from the host with IP
10.202.46.2 above using the ftp client. That is,
router NAT ISP NAT
192.168.1.3 ---------> 10.202.46.2 ------> 64.30.y.y ---> Internet
Internet ---> host 169.237.x.x running FileZilla ftp server
>
>> That means that the ISP must be "onion"ing its network: that is,
>> providing service as a layer or shell of its own private network, and
>> running a layer within a layer, with a complex network address
>> translation system. Is that possible??
>
> Clearly it's possible because it's happening. Your router is using NAT
> to hide your network behind a single IP address. Your ISP is doing
> exactly the same - hiding its network (and your single "public" IP
> address) behind one or more IP addresses.
>
>
>> At any rate, I am not concerned about how they configure their
>> networks. I am ONLY concerned that they are or might be firewalling
>> inbound port 80 service, or for that matter, any service.
>
> Almost certainly yes.
>
>
>> 4. When I attempt to connect to the FileZilla server on the remote
>> host through the FireFTP client, I can login, but I cannot start a
>> file transfer. I always get a
>> 425 Can't get data connection
>
> I don't see that inbound connections to your network are relevant to
> this problem.
Why would the ISP stop my ftp client on 192.168.1.3 making requests to the
server fully outside of it at host 169.237.x.x? I figure if I can solve
at least that problem, I might be able to solve the problem of providing
http service on 192.168.1.3....possibly. Sort of the one problem solved
leads possibly to another problem solved.
> I think you may be mixing things up a little. But, to
> resolve this error try switching your FTP client to "passive" mode.
>
Oh, and that 425 error does happen in PASV mode.
> Chris
>
| 
XML site map