Thread: Calibre server wont start ...help please
View Single Post
Old 05-17-2010, 03:59 AM   #16
chaley
Grand Sorcerer
chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.chaley ought to be getting tired of karma fortunes by now.
 
Posts: 12,450
Karma: 8012886
Join Date: Jan 2010
Location: Notts, England
Device: Kobo Libra 2
Quote:
Originally Posted by SensualPoet View Post
So far so good -- another computer BEHIND the firewall has access using the 192.168.x.x:8787 and correctly grabs the calibre index. But I still can't figure out how to make a computer on the OUTSIDE of the router see 99.230.x.x:8787 which is the address of the machine running Calibre (according to: http://www.whatismyip.com/).
Welcome to the wonderful world of Network Address Translation (NAT), IP (Internet Protocol) addressing, and DNS (Domain Name System) management.

The 192.168 IP address is in a private IP address space, which means that the router you are using is doing NAT. NAT translates IP addresses in requests from the private side of the router to the public address, changing some things (ports) in the process, and vice versa. One consequence of this is that a machine with a private IP address is not visible from outside unless a) it has opened a channel, or b) the router has been told to forward requests. You need to do the second.

Your router will have a setup screen/system, probably available through the internal web (probably 192.168.0.1 ). Somewhere in there you will find the ability to 'forward' ports from the outside to the inside. For example, on my Netgear DB834, it is done by setting up an incoming firewall rule. With some other routers, you can define a particular internal machine to get all packets. Check your router's documentation.

There are 3 gotchas to be aware of. The first is the you might be using DHCP on your router, meaning that internal addresses are dynamically allocated when an internal machine connects. This could break port forwarding, because the address of the machine being forwarded to could change. The easiest way to resolve this is to make an 'address reservation' for the machine in the router, so that it always gets the same address. Alternately, give the machine a fixed IP address that is not in the router's DHCP space.

The second is similar, but for your router. Your ISP might allocate IP addresses dynamically, meaning that your router's external IP address might change. This will make accessing your router (and thus your server) from the outside problematic, because you will not know the correct IP address. The easiest way to solve this problem is to use dynamic DNS, which allocates your router a name (e.g., foo.dyndns.net) and maintains the association between this name and the correct IP address.. Your router will almost certainly have support for one or another of the dynamic DNS systems. Dyndns is common.

The third is security. Be aware that you are opening your computer to network attacks by bad guys anywhere in the world. Some of the bad guys are very smart, and if there is a security hole on your computer, they will find it. To protect yourself, only open the ports you really need open.
chaley is offline   Reply With Quote