Topic: port forward

[CharlieBrady]

A solution has been provided: from the LAN, clients should point directly to the internal machine running the opensim server, instead of pointing at the SME server itself. You can do this either by changing the IP to the internal one, or by using a DNS name which, from the oustide, resolves to the SME Server's WAN IP (that it'll pass through the port forwarding), and, from the inside, resolve directly to the opensim server's LAN IP

This is a standard solution, called split horizon DNS.

https://en.wikipedia.org/wiki/Split-horizon_DNS

You configure opensim.your.domain in SME server for the LAN to use, and in your external DNS for Internet users to use. The former points to your LAN opensim server, and the latter to your SME server WAN address.

[enchesss]

Hi Daniel

Sorry for the confusion - however It was not possible to start with the fact that port forwarding is working because this was not evident until I went to another network/ premises and opensim is/ was not accessible from any workstation on the local LAN - leading to incorrect conclusions about the problem.

Attempts have been made at both of the suggestions that you provide and unfortunately they do not work.

Placing the internalip in the address bar for the opensim viewer results in connection refused

Setting up a DNS name has not been successful either because of a lack of knowledge about how to do it.

Thanks for your suggestions

I am reading about some similar experiences with others - but again they are stuck too and have not resolved the issue

It is not an easy one

If as you suggest - the router has extra capabilities with NAT reflection then that is new to me.

you may be right - that it was working by mistake - however the router has been set up like this on purpose for remote shell and opensim access. So an accident is unlikely - though considered.

[CharlieBrady]

Placing the internalip in the address bar for the opensim viewer results in connection refused

If you mean by "internalip" the LAN IP address of the SME server, then this is not surprising, since SME server is not running opensim. You should be using the opensim server's IP address. And if that's not working, then I have no idea why not, but it probably has nothing to do with the SME server.

If as you suggest - the router has extra capabilities with NAT reflection then that is new to me.

That would be new to me too. But I know nothing about your router or what was happening when things were apparently working.

[CharlieBrady]

Sorry for the confusion - however It was not possible to start with the fact that port forwarding is working ...

And yet you were prepared to start with this (false) statement:

  The port forwarding settings in the server manager are not working.

If instead of that statement, you had started with "I am trying to do X, but instead of seeing Y I see Z", then you wouldn't have wasted your time and ours.

Please read this excellent essay:

http://www.chiark.greenend.org.uk/~sgtatham/bugs.html

[enchesss]

Hi CharlieBrady

Following your advice:

a new hostname was added in the server-manager console called opensim

the result is:

opensim.openworldsproject.info

It is set to resolve local and points to the opensim server ip address on the local network

the internet dns sub domain has also been set up:

opensim.openworldsproject.info

and this points to the SME server WAN address

The opensim server html is accessible via opensim.openworldsproject.info:9000 externally (from outside the LAN - a friends house) - but not internally on the local LAN

The result is the same as before - access from the internet but not locally (PROBLEM 1)



Also (as stated before)

access to the opensim server's web error page (that says "Ooops The page you requested has been obsconded with by knomes. Find hippos quick!") on port 9000 via a web browser can be achieved locally with an ip address, however

the localip address does not work in the opensim viewer and says connection refused while completing a region handshake (PROBLEM 2)

Do you think that the two problems are related?

 



 

[CharlieBrady]

The opensim server html is accessible via opensim.openworldsproject.info:9000 externally (from outside the LAN - a friends house) - but not internally on the local LAN

The result is the same as before - access from the internet but not locally (PROBLEM 1)

That sounds like your client system (where you are running the browser) is using Internet DNS servers for name resolution, rather than using SME server.

the localip address does not work in the opensim viewer and says connection refused while completing a region handshake (PROBLEM 2)

I know nothing about opensim viewers or region handshakes or whatever protocols they are using. This is an opensim problem, and you'll need opensim knowledgeable people to troubleshoot.

[Stefano]

ok..

@all: please be polite

to OP:
- please remember we don't know anything about your server, setup, environment nor we see your screen.. so, you are our eyes and you can't expect us to understand what you mean; please be verbose, give all the needed info
- please remember this is a forum, not an helpdesk.. we (all of us) try to help everybody doing our best to help

@all, finally: please stop being unpolite, keep the topic IT or it will be locked, thank you

[ReetP]

Enchess,

Please note that the people here are all volunteers and will do their best to help you. Most are mighty experienced and knowledgeable, and have been working on and administering SME and Linux servers for many many years. Charlie was one of the original coders at esmith and has probably forgotten more than the rest of us know !

As has been pointed out, none of us can see your actual hardware. We can only go methodically through the issues and eliminate them bit by bit.

They do not ask questions just to entertain you or annoy you - they are trying to get to the root cause of the issue so they can help you (it was you who came asking for help remember), and their IS a method in all this, as I have learned myself. Making guesses or assumptions (Ass U Me etc) is the surest way to annoy people and waste their time chasing ghosts. You have to be logical and methodical.

FWIW I think you are misunderstanding something fundamental here that has been explained. Your SME box will ONLY forward packets that are destined to go out of the network LAN -> WAN or come in to the network WAN -> LAN. It won't affect ANYTHING that passes locally on your LAN e.g. LAN -> LAN

You can check that by disconnecting the SME server from your switch and then trying to connect to your opensim box or a.n.other box on your LAN using it's IP (ping first to make sure they respond). If they do not respond, you have a different issue, and it is not a problem with the SME box.

The only thing that the SME box may try and do NOW is resolve the DNS for you since you set up the domain names on it. However, what DNS settings do the clients use ? If they are set to say use Google, they will ignore anything that SME tries to tell them.

What happens on a desktop if you try and ping the opensim box. What IP gets returned ?

a new hostname was added in the server-manager console called opensim

the result is:

opensim.openworldsproject.info

It is set to resolve local and points to the opensim server ip address on the local network

the internet dns sub domain has also been set up:

opensim.openworldsproject.info

Are you sure that is correct ?

Me making a few assumptions...

Your SME box is called smeserver.mydomain.com on your network say 192.168.100.1

Your opensim box is called opensim.mydomain.com 192.168.100.2

In the Hostnames settings of your SME you should have one host called opensim pointing to the local IP of the opensim box - 192.168.100.2

(Your portforward (for traffic WAN -> LAN) should be pointing at 192.168.100.2. But we believe that is working correctly.)

You should then be able to LOCALLY resolve the opensim box (assuming the desktops use SME for DNS queries)

I do not think you need a 'subdomain' anywhere on SME.

It will help if you can post some idea of your network layout and IP address ranges, domain settings etc. so we can visualise what is going on.

B. Rgds
John

President, Koozali Foundation

[enchesss]

Hi John

Everyone's help is appreciated greatly (and respected). Regarding your queries:

The main difficulty is figuring out why the local LAN access to the opensim server works [via http://openworldsproject.info:9000] in the opensim viewer [kokua] when a modem router is used but not when the SME is used.

Using the SME server - external access to the opensim server has been achieved via port forwarding using kokua and the address openworldsproject.info:9000 - something that was not evident from behind the SME

This was not evident from behind the SME on the local LAN because the opensim viewer does not work from LAN clients using these suggested addresses:

opensim_IPADDRESS:9000
openworldsproject.info:9000
opensim.openworldsproject.info:9000
external_IPADDRESS:9000

hence the initial concern about there being a problem with port forwarding.

It is not clear to me what the actual problem is - however - when doing

check that by disconnecting the SME server from your switch

a modem/ router replaces the SME as a gatweay (with port forwarding configured) and access from internal LAN and external internet clients to the openworldsproject:9000 is working

If this is a DNS issue - testing the clients to use the SME as the DNS nameserver has not helped despite adding "opensim" as a hostname

e.g. in Hostnames and addresses:

opensim.openworldsproject.info    Local    opensim_IPADDRESS         opensim    Modify    Remove

What happens on a desktop if you try and ping the opensim box. What IP gets returned ?

[root@openworldsprojectserver ~]# ping opensim.openworldsproject.info
PING opensim.openworldsproject.info (opensim_IPADDRESS) 56(84) bytes of data.
64 bytes from opensim.openworldsproject.info (opensim_IPADDRESS): icmp_seq=1 ttl=64 time=0.911 ms
64 bytes from opensim.openworldsproject.info (opensim_IPADDRESS): icmp_seq=2 ttl=64 time=1.15 ms


If it is a dns issue - hopefully it can be fixed -

Should it be marked as resolved/ renamed - more clarity provided in the name?

Hope this helps and finds you well

[ReetP]

Without knowing anything about opensim I think you are chasing ghosts with SME/routers.

My suggestion would be to disconnect both the SME server and any other internet access from your switch and then figure out why your opensim server is refusing access from local LAN clients as that is most likely where your issue lies.

Connecting from outside (WAN->LAN) clearly works and the SME box is doing what it was designed to do and the port forwarding seems to be working OK.

However, the SME box will NOT affect ANYTHING on your local LAN barring DNS queries. The fact opensim appears to work with your router is most likely a red herring and as previously suggested, you probably 'got lucky' and the router is doing something it probably shouldn't be

If your opensim box is set up correctly you should be able to disconnect ALL outside access and connect using a local IP from a local client. If you can't (which seems to be the case) then the issue is with opensim and not SME.

So my suggestion is disconnect SME from your switch, do not connect any other device such as a router so as to make sure you isolate the issue to the LAN, and then figure out what opensim is doing by accessing it solely with its IP address. Have you checked the opensim logs ?

If you can't access it with 192.168.10.31:9000 then it is opensim or possibly the client that has the issue, and that is where you should be looking.

Once you can do that I think you will be able to connect up SME and it all will work fine.

At a quick glance here http://opensimulator.org/wiki/Network_Settings I suggest you look at your network settings as that is the most likely source of issues.

HTH

B. Rgds
John

President, Koozali Foundation

[janet]

enchesss

Just checked access to your opensim site (from externally obviously on  a Android phone).

Using either
http://openworldsproject.info:9000/
Or
http://opensim.openworldsproject.info:9000/

I get:

Ooops!
The page you requested has been obsconded with by knomes. Find hippos quick!
If you are trying to log-in, your link parameters should have: "-loginpage http:///?method=login -loginuri http:///" in your link

That seems to be similar/same as the error you receive when you say you try local access to your opensim server (via I assume the hostname setup on sme server).

If both external access & internal access give a same/similar message, then perhaps there is some additional configuration required in opensim itself, as per the suggestion given in the error message.

I know nothing about opensim & the viewers etc, so cannot help or suggest further re what to configure in opensim or the viewer.

Google is your friend, and/or an opensim experienced user forum may be a good place to ask.

[janet]

enchesss

It appears to be a default web page.
http://opensim-users.2152040.n2.nabble.com/Default-OpenSim-web-page-td5435053.html

If so then access appears to be working (for both external & internnal).

Maybe you need to read more about using opensim.

enchesss

Just checked access to your opensim site (from externally obviously on  a Android phone).

Using either
http://openworldsproject.info:9000/
Or
http://opensim.openworldsproject.info:9000/

I get:

Ooops!
The page you requested has been obsconded with by knomes. Find hippos quick!
If you are trying to log-in, your link parameters should have: "-loginpage http:///?method=login -loginuri http:///" in your link

That seems to be similar/same as the error you receive when you say you try local access to your opensim server (via I assume the hostname setup on sme server).

If both external access & internal access give a same/similar message, then perhaps there is some additional configuration required in opensim itself, as per the suggestion given in the error message.

I know nothing about opensim & the viewers etc, so cannot help or suggest further re what to configure in opensim or the viewer.

Google is your friend, and/or an opensim experienced user forum may be a good place to ask.

[enchesss]

Thanks Janet

Please close this thread.

John (ReetP) has suggested that removing the sme and router for testing is the place to start

The messages that you have seen is because the sme has been removed

Apologies for the confusion.

Will check the opensim groups too - but at least as you say - it is working now.

OpenSim is working internally and externally - verified using the TPLINK TD-W8960N router.

Settings are in the:

NAT -- Virtual Servers Setup - it says

Virtual Server allows you to direct incoming traffic from WAN side (identified by Protocol and External port) to the Internal server with private IP address on the LAN side.
The Internal port is required only if the external port needs to be converted to a different port number used by the server on the LAN side.
A maximum 32 entries can be added manually.
A maximum 64 entries can be added by UPnP clients.
 
Server Name    External Port Start    External Port End    Protocol    Internal Port Start    Internal Port End    Server IP Address    WAN Interface    Status    Enable/Disable    Edit    Remove
virtualworlds    9000    9050    TCP/UDP    9000    9050    opensimip    ppp0.2    Enabled
 

[ReetP]

Thanks Janet

Please close this thread.

John (ReetP) has suggested that removing the sme and router for testing is the place to start

Best place to start. If opensim does not work correctly on your LAN with ip adresses then it is misconfigured and you need to understand why.

Will check the opensim groups too - but at least as you say - it is working now.

OpenSim is working internally and externally - verified using the TPLINK TD-W8960N router.

Have you tested with IPs and with SME and the router disconnected ?

If not then you haven't actually fixed the problem, just gone back to where you were before !

NAT -- Virtual Servers Setup - it says

And port forwarding in SME would do exactly the same thing.

Did you actually test as I suggested ?

B. Rgds
John

[enchesss]

Hi John,

Sorry for the delay

Have you tested with IPs and with SME and the router disconnected

Thank you and your suggestion does reproduce the issue and there is no access to opensim when the modem/ router is unplugged from the network

the clients can ping the opensim server and see the web browser error page at http://opensimip:9000

For opensim there is a regions file where the external ip address has to be configured - I will pursue this

BR