Hi Anselm,

yes - the situation is exactly as you have described it. Your suggestion is very good and I will test it today.

Best Regards

Am Sonntag, 20. Januar 2013 10:57 CET, Anselm Martin Hoffmeister <ans...@hoffmeister.be> schrieb:

Am 20.01.2013 01:17, schrieb Holger A. Brinkhaus:
> Hi all,
> at the moment //etc/apache2/conf.d/SOGo.conf/ is configured for external
> access (which works via DynDNS). This works fine but also means that
> this is also used for my internal access. For this reason I am limited
> to external bandwidth also for my internal accesses. Is there a
> possibility to change this?
> Best Regards
> Holger

Hi Holger,

what I suspect is happening in your case (at least it seemed to be like
that in a setup here):

Internal access to Sogo: Packets sent to public IP address go to the DSL
device, are forwarded to "the internet", go back - and such traverse the
slow DSL line twice. A bit weird that the DSL device would not recognize
its own external IP there... but I tracerouted it once.

You obviously have a server machine running locally, in the LAN. Is
having a DNS server running on that feasible? What did the trick for us
was using the Linux box as DNS-server for the LAN (be sure to configure
the DHCP-server accordingly, or tell the DSL router to use that machine
instead of the provider's DNS servers).

With the ISC BIND (well, there are others - I just know BIND best) you
can allow recursive requests - that is a good idea for the local
network. Don't necessarily set any forwarders there, the BIND can very
well talk to the DNS root servers itself.

Also create a local "zone" for "myaccount.dyndns.org" with something like

myaccount.dyndns.org. 300 IN SOA .....
myaccount.dyndns.org. 300 IN NS myaccount.dyndns.org.
myaccount.dyndns.org. 300 IN A
myaccount.dyndns.org. 300 IN AAAA 2001:db8:fe24:2ff1::3705

This should make all DNS requests be answered normally except those
for the single DNS record of your dyndns name, for which your LAN
clients are served the local IP address. The Apache will not need
any special configuration as long as you don't have any IP-address based
stuff in there but go through the FQDN in all cases.

You could still differentiate in Apache by the source IP address, if
that is at all necessary.

In my opinion this is not the most ideal solution, but far easier than
having a second FQDN, and also easier than f*ix*ing the routing tables.
DSL devices tend to be suckers when it comes to accessing their external
IP address from the internal LAN and forwarding ports to internal.


Reply via email to