Difference between revisions of "How internet addressing really works"
(Created page with "(This is a very rough draft...) There're 2 ways to get to a machine. IP address & name. But to use name, you need to have DNS set up. Either way, there's also the port. T...") |
|||
| Line 14: | Line 14: | ||
When your entire network is on a single address as far as the outside world is concerned, you have a couple options to access individual machines. | When your entire network is on a single address as far as the outside world is concerned, you have a couple options to access individual machines. | ||
| + | |||
| + | == Port Forwarding == | ||
You can forward specific ports to specific machines (probably with a bit of fiddling in Firewall/NAT on your pfSense box...) or you can set up proxies. | You can forward specific ports to specific machines (probably with a bit of fiddling in Firewall/NAT on your pfSense box...) or you can set up proxies. | ||
Port forwarding is pretty straightforward, but you need to remember how you've set up the ports. | Port forwarding is pretty straightforward, but you need to remember how you've set up the ports. | ||
| + | |||
| + | A good example of how this can work is my general habit of forwarding a port outside the range of [https://www.webopedia.com/quick_ref/portnumbers.asp Well-Known TCP Ports] to SSH on any of my internal machines that I may want to access while away from my own network. | ||
| + | |||
| + | As an example, I have a machine on my network at 192.168.0.99 (Not an address accessible to the outside world) & I'd like access to it while away. I go into Firewall/NAT on my pfSense box & forward port 52099 to this address & translate the port number to 22 (SSH). This gives me the ability to SSH into the machine pretty much anywhere I may be as long as I have internet access. | ||
| + | |||
| + | == Proxies == | ||
| + | |||
| + | Generally, when speaking of proxies, we're talking about web browser access. | ||
| + | |||
| + | (Not always tho... But that's a deeper discussion.) | ||
| + | |||
| + | Web proxies are handled by your main web server. Take a look at [[SBN - Proxy Server Notes|Proxy Server Notes]] for some useful details on how this works. | ||
Revision as of 01:44, 17 October 2020
(This is a very rough draft...)
There're 2 ways to get to a machine.
IP address & name.
But to use name, you need to have DNS set up.
Either way, there's also the port.
The port is specific to the actual service on the machine.
i.e.: port 80 is HTTP, port 443 is HTTPS, port 22 is SSH...
When your entire network is on a single address as far as the outside world is concerned, you have a couple options to access individual machines.
Port Forwarding
You can forward specific ports to specific machines (probably with a bit of fiddling in Firewall/NAT on your pfSense box...) or you can set up proxies.
Port forwarding is pretty straightforward, but you need to remember how you've set up the ports.
A good example of how this can work is my general habit of forwarding a port outside the range of Well-Known TCP Ports to SSH on any of my internal machines that I may want to access while away from my own network.
As an example, I have a machine on my network at 192.168.0.99 (Not an address accessible to the outside world) & I'd like access to it while away. I go into Firewall/NAT on my pfSense box & forward port 52099 to this address & translate the port number to 22 (SSH). This gives me the ability to SSH into the machine pretty much anywhere I may be as long as I have internet access.
Proxies
Generally, when speaking of proxies, we're talking about web browser access.
(Not always tho... But that's a deeper discussion.)
Web proxies are handled by your main web server. Take a look at Proxy Server Notes for some useful details on how this works.
