Difference between revisions of "How internet addressing really works"
Line 31: | Line 31: | ||
Generally, when speaking of proxies, we're talking about web browser access. | Generally, when speaking of proxies, we're talking about web browser access. | ||
(Not always tho... | (Not always tho... But that's a deeper discussion.) | ||
Web proxies are handled by your main web server. | Web proxies are handled by your main web server. Take a look at [[Proxy Server Notes{{!}}Proxy Server Notes]] for some useful details on how this works. | ||
[[Category:Network Management]] | [[Category:Network Management]] | ||
[[Category:Knowledge]] | [[Category:Knowledge]] | ||
[[Category:WIP]] | [[Category:WIP]] |
Latest revision as of 15:45, 18 January 2022
(This is a very rough draft...)
There're 2 ways to get to a machine.
IP address & name.
But to use name, you need to have DNS set up.
Either way, there's also the port.
The port is specific to the actual service on the machine.
i.e.: port 80 is HTTP, port 443 is HTTPS, port 22 is SSH...
When your entire network is on a single address as far as the outside world is concerned, you have a couple options to access individual machines.
Port Forwarding
You can forward specific ports to specific machines (probably with a bit of fiddling in Firewall/NAT on your pfSense box...) or you can set up proxies.
Port forwarding is pretty straightforward, but you need to remember how you've set up the ports.
A good example of how this can work is my general habit of forwarding a port outside the range of Well-Known TCP Ports to SSH on any of my internal machines that I may want to access while away from my own network.
As an example, I have a machine on my network at 192.168.0.99 (Not an address accessible to the outside world) & I'd like access to it while away. I go into Firewall/NAT on my pfSense box & forward port 52099 to this address & translate the port number to 22 (SSH). This gives me the ability to SSH into the machine pretty much anywhere I may be as long as I have internet access.
You can do the same for any service. You could port 52080 to an internal machine at port 80 (http), but you'll have to remember to add :52080
to the machine name or IP address when accessing it from outside. (i.e.: http://my.domain.net:52080/
)
Proxies
Generally, when speaking of proxies, we're talking about web browser access.
(Not always tho... But that's a deeper discussion.)
Web proxies are handled by your main web server. Take a look at Proxy Server Notes for some useful details on how this works.