On Thu, Aug 12, 2010 at 5:56 AM, Ryan <cjg5ehi...@sneakemail.com> wrote:
> On Tuesday August 10 2010 12:50:00 Peter Salzman wrote: > > From the lack of entries in the log file, it looks like Apache isn't > seeing > > the incoming request. However, tcpdump seems to be showing otherwise. > > Port 80 is forwarded to the Linux box by the router. > > > > In sites.enabled: > > > > <VirtualHost 24.189.162.69:80> > > ServerAdmin p...@dirac.org > > ServerName www.dirac.org > > ServerAlias dirac.org > > > > # Indexes + Directory Root. > > DirectoryIndex index.html > > DocumentRoot /var/www/ > > > > # Logfiles > > ErrorLog /var/log/apache2/dirac.org.error > > CustomLog //var/log/apache2/dirac.org.access combined > > </VirtualHost> > > --snip-- > > > Any ideas what could be preventing this from working? > > I'm going assume that your router is doing some form of NAT given that you > appear to be connected with a dynamic IP cable internet service. > > Unless you are port forwarding to an internal box that actually has an > interface configured with the IP address 24.189.162.69, this is not going > to > work. The connection will hit your router on port 80, get rewritten to > whatever internal address your web server has, and then hit Apache. Apache > will look at the ip address on the local side of the socket and fail to > match > those vhosts since it doesn't see the 24.189.162.69 address anywhere. > > Another thing to note - cable internet providers often block inbound port > 80 - > and it looks like yours is doing so. > > http://www.google.com/search?q=optonline+block+port+80 > > However, they seem to be doing it by blocking the return SYN+ACK packet > which > is a completely asinine way to accomplish the block which manages to make > troubleshooting extra annoying (as you've discovered). You can check this > by > running tcpdump on both the client and server. > > Fun fact - these port blocks are usually done on the subscriber's modem by > a > policy pushed down in the config file from the CMTS. > > Finally, a general Apache note - unless you actually do need to serve > different sites based on what IP address is hit, you probably should use > <VirtualHost *:80>. It'll save headaches if your ip addresses change. > > -Ryan > Hi Ryan! I actually got it working. It turned out to be a router issue. I forwarded the port using the "port forward" page, whereas apparently I should have forwarded the port using the "application forward" page. I'm not too sure what the difference is, but there you go. I works! Optonline has different classes of service. I have the super-duper deeeeluxe service with static ip and no blocked ports (as you'll see if you point a browser to dirac.org). Thanks for the tip on virtual name host. I definitely will keep that in mind. It's a real headache tracking down "named host has no virtual servers" warnings... Thanks! Pete
_______________________________________________ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech