The last two days I did some serious learning about network address translation that I can apply to the book that I want to write on home labbing. For the uninitiated, the basics behind Network Address Translation is that it allows a whole bunch of computers to share a single public IP address. But that’s just the very basic part of it. Network Address Translation also has to allow external access to computers inside the network.<\/p>\n\n\n\n
Since I am now hosting my own email, I have to obviously have access to the mail server which is a small virtual machine on the inside of my network. Whodathunk that this would be so damn complicated!? I guess there could have been two other options that would have made things simpler, but my my current setup does not lend itself to them. I could have placed all of my servers in a DMZ with a different IP scheme or I could have done split horizon DNS. I would really like to have done split horizon DNS but I am limited by the router that I must use for my internet service.<\/p>\n\n\n\n
So the answer becomes the ugly kludge called “hairpinning” or NAT reflection. The first part of this setup involves the stage before a router makes a decision on routing. This is called “prerouting.” In this stage, I had to match anything destined for the public IP address and translate it to the internal address. Then I need a matching “postrouting” rule to translate from the internal address to the public one. That will take care of external users. But what happens for internal users? Well, this is where hairpinning takes place. <\/p>\n\n\n\n
So any connections that originate internally need to be translated like this: internal address to public address and then back to internal address again. This makes it possible for internal users to reach services based on the public address. It’s ugly but it works for now. I do want to move toward away from hairpinning and towards split DNS. That will take longer and more research however.<\/p>\n","protected":false},"excerpt":{"rendered":"
The last two days I did some serious learning about network address translation that I can apply to the book that I want to write on home labbing. For the uninitiated, the basics behind Network Address Translation is that it allows a whole bunch of computers to share a single public IP address. But that’s […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[4,7],"tags":[],"class_list":["post-918","post","type-post","status-publish","format-standard","hentry","category-information-technology","category-thoughts"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/posts\/918","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/comments?post=918"}],"version-history":[{"count":1,"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/posts\/918\/revisions"}],"predecessor-version":[{"id":924,"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/posts\/918\/revisions\/924"}],"wp:attachment":[{"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/media?parent=918"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/categories?post=918"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/goblackcat.com\/wordpress\/wp-json\/wp\/v2\/tags?post=918"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}