Posted by: Saajha July 19, 2009
AVOID PORT number in URL
OK... so I ended up documenting the steps rather than continuing with the 'demo'.

So, I leased a domain name from one of the name providers. I knew there were a number of steps to go through before I'd have the homepage running the way I wanted. The first step really was to point the domain name to my network's public IP address, so that the 'outside world' could access the network and the site. Since I did not have a DNS server of my own, I created an account on ZoneEdit (www.zoneedit.com). ZoneEdit provides DNS name resolution service to its members' domain names (I think there's a limit of 5 or so, which was not an issue for this purpose).

OK.. so ZoneEdit would translate the domain name resolution request, and forward the HTTP traffic to my IP address. But I'd still have a problem -- my ISP wouldn't give me a static IP address; meaning, my public IP would not remain the same for too long. As a workaround, I used the free service provided by no-IP (www.no-ip.com) that would let the world identify my web server running machine with a static name, so any changes to the IP would always point to the same host. I believe ZoneEdit also provides this service for free.

Now, when a user types in www.securitty.info, ZoneEdit does the name resolution and tries to direct traffic to my IP, but my IP is supposed to be dynamic, because of which I just created an account with no-ip to get a permanent hostname service. So, there's a contradiction!!

The goal is to send the traffic over to the no-ip's hostname as opposed to the dynamic IP address. Hmm.. but DNS can only translate domain names to IPs. How can I get around that?

So, what I did was --- used the 'Web Forward' feature offered by ZoneEdit.

With that:
User types www.securitty.info
ZoneEdit's DNS gets contacted
ZoneEdit's web forward translates the domain name to, e.g., www.abc.no-ip.com
ZoneEdit's DNS server does a recursive lookup by forwarding the request to No-IP's DNS
No-IP's DNS replies to ZoneEdit's DNS with the correct IP address
ZoneEdit saves it in its local cache (if the IP was not previously cached)
Traffic gets redirected to the IP address suggested by No-IP's DNS
No-IP has an agent that constantly runs on one of the machines in the network and keeps updating it with any IP address changes.

Now, back on my local network:
My ISP doesn't allow me to run a web server on port 80
I change the ACL of my router to allow traffic coming to, e.g., port 12345
Set Apache to run www on port 12345
Instruct No-IP to forward port 80 traffic to 12345

At this point, from the end user's perspective, it's fully transparent. HTTP request goes to www.securitty.info; reply comes back.
From ZoneEdit's perspective, the request needs to be forwarded to a different domain name, whose IP needs to be fetched, and provided to the user requesting access.
From No-IP's perspective, port 80 traffic going to a given hostname needs to be forwarded to an 'updated' IP address and its port 12345.
From the web server's perspective, a request coming to port 12345 needs to get served. It has no knowledge of the fact that the request is really a redirection of the traffic originally destined to port 80.

That's all....

~@~

P.S. - I may have to add a disclaimer here --- This is solely for educational purposes. Going beyond ISPs' protocols might be against the law. Please do not misuse the knowledge.
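
The hop sequence described in the post, traced in code as an added example (not the poster's code). It assumes both forwarding services answer with HTTP redirects; the responses are constructed and the `.test` hostnames are hypothetical, with only port 12345 taken from the post. The result is the host and port that actually serve the page, as a client or a log reviewer would see them.

```python
from email.parser import BytesParser
from urllib.parse import urljoin, urlsplit

# Constructed sample responses (hypothetical hostnames, port from the post).
SAMPLE = {
    "http://www.example-domain.test/": (
        b"HTTP/1.1 302 Found\r\n"
        b"Location: http://abc.example-ddns.test/\r\n\r\n"),
    "http://abc.example-ddns.test/": (
        b"HTTP/1.1 302 Found\r\n"
        b"Location: http://abc.example-ddns.test:12345/\r\n\r\n"),
    "http://abc.example-ddns.test:12345/": (
        b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>home</html>"),
}

def parse_response(raw):
    """Return (status_code, headers) from a raw HTTP/1.x response."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    status_line, _, header_block = head.partition(b"\r\n")
    status = int(status_line.split()[1])
    headers = BytesParser().parsebytes(header_block + b"\r\n\r\n")
    return status, headers

def trace(url, responses, max_hops=5):
    """Follow Location headers; return the hops and the final (host, port)."""
    hops, seen = [], set()
    while True:
        if url in seen or len(hops) >= max_hops:
            raise ValueError("redirect loop or too many hops at " + url)
        seen.add(url)
        status, headers = parse_response(responses[url])
        hops.append((url, status))
        location = headers.get("Location")
        if status in (301, 302, 303, 307, 308) and location:
            url = urljoin(url, location)  # Location may be relative
            continue
        parts = urlsplit(url)
        return hops, (parts.hostname, parts.port or 80)

if __name__ == "__main__":
    hops, endpoint = trace("http://www.example-domain.test/", SAMPLE)
    for hop_url, code in hops:
        print(code, hop_url)
    print("served by", endpoint)
```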