x
all questions login
General DNS & Domains Dyn Email Update Clients Dyn Developer

NAT Traversal issues with Dynamic Global Hostname/Wide-Area Bonjour on an Apple AirPort Extreme Base Station

0

Hello,

I recently purchase the Custom DNS service in order to play with the Dynamic Global Hostname feature on my Macs. I've set up my Zone as instructed in the FAQ but I'm having difficulty accessing the Hosts. I believe this is caused by the router no properly forwarding the needed ports but I cannot seem to find a solution. My understanding of this feature is that it should open the ports using NAT-PMP/uPNP but this does not seem to be happening. If I go into the AirPort Utility I can manually forward the ports which will work for one host, but a request to any of the other hosts will also go to the first one.

Example:

imac.mydomain.com
http://mpb.mydomain.com
http://ap.mydomain.com

If I open the ports on the router and point them to the internal IP Address of the iMac any request to http://imac.mydomain.com will work, but a request to http://mbp.mydomain.com will also forward to the IP Address of the iMac.

So right now I'm stuck with the same situation I had before I began using Dynamic Global Hostnames in that I have to manually specify a different port for each host and then append that port number to the end of the URL. Ideally I'd like to be able to go to each host name and see the website hosted there, or say ftp or ssh into each host with just the domain name without needing to specify the port.

Please let me know if I've misunderstood this feature, or if there is a way to accomplish this.

Thank you!

BTW all macs are running version 10.6.2 and the AirPort is firmware version 7.5.

more ▼

asked Mar 20 at 06:49 PM

bradyw\'s gravatar image

bradyw
1 1 1 2

10|600 characters needed characters left
3 answers:
oldest newest most voted
0

I think you might be assuming that the port that gets mapped externally for a service is going to be the well known port for that service which is not necessarily the case. Wide-Area Bonjour (like Bonjour) is a service discovery protocol and looking at it just as a method for performing NAT-PMP/uPNP misses a large chunk of the solution it provides. When a service is advertised in addition to the A-record (ie: http://imac.mydomain.com) a series of PTR and SRV records are also created which are charged with listing what services are available and the information necessary to connect to a given service instance.

The following example shows how a website would be discovered and resolved with http://dns-sd.org configured as a browse domain. First get a list of TCP HTTP services:

  $ dig +short ptr http://_http._tcp.dns-sd.org
  ;; Truncated, retrying in TCP mode.
  \032*\032Zeroconf._http._tcp.dns-sd.org.
  \032*\032Multicast\032DNS._http._tcp.dns-sd.org.
  \032*\032DNS\032Service\032Discovery._http._tcp.dns-sd.org.
  << snipped >>

Then look up a given services SRV record to discover the port and hostname the service is running on:

$ dig +short srv \ *\ Multicast\ http://DNS._http._tcp.dns-sd.org
0 0 80 http://multicastdns.org.

Finally look up a TXT record for any information needed to connect to the service that is not encapsulated by the SRV record:

$ dig +short txt \ *\ Multicast\ http://DNS._http._tcp.dns-sd.org
"path=/"

The above in practice with a Bonjour aware web browser would be Bonjour providing it with a list of websites:

  • Zeroconf
  • Multicast
  • DNS Service Discovery
  • ...

When Multicast is selected from that list, your browser would ask Bonjour to resolve the services details and then use those details to send you to http://multicastdns.org:80/.

As you've no doubt gathered from the above, Bonjour support is needed in software for a seamless experience — here's a few suggestions to cover some of the needs you listed:

  • Safari: Safari menu, Preferences, Bookmarks, tick 'Include Bonjour'. Then use bookmarks menu/toolbar.
  • Firefox: Install BonjourFoxy (my creation) and then open the sidebar.
  • Terminal: Shell menu -> New Remote Connection.

If you have any further questions or need any clarification of the above just let me know.

more ▼

answered Mar 21 at 12:23 AM

Andrew TJ\'s gravatar image

Andrew TJ
746 3 17

10|600 characters needed characters left
0

I assume you're referring to this thread?

From what you describe your problem is because multiple devices want to use the same port - that won't work. You can work around it simply by using WebHops. Create one hostname that's updated with your IP address (say, imac.example.com since mydomain.com is owned by MyDomain). Then create the others as WebHops pointing to imac.example.com and the relevant port.

That unfortunately will only work for HTTP, not for any other protocol. There isn't really any other way around that. The problem is that when you connect to your firewall all the firewall knows is that you want to connect to a particular port, it doesn't have any way of knowing the hostname you used. That's a limitation of IP.

more ▼

answered Mar 20 at 07:48 PM

Cry Havok\'s gravatar image

Cry Havok ♦
44.1k 12 26 213

You're understanding of the problem if correct however I believe that bonjour is supposed to solve the problem entirely since I'm not actually creating the subdomains the protocol is doing it automatically.

Mar 20 at 08:20 PM bradyw

It can't - a port can only be forwarded to a single device at a time. What Bonjour and UPnP do is configure your router to forward that port to a single device. It can't forward that port to multiple devices at the same time.

Mar 20 at 08:37 PM Cry Havok ♦
10|600 characters needed characters left
0

was this ever resolved?

more ▼

answered Oct 19 at 07:35 AM

andresgarza\'s gravatar image

andresgarza
1

Please ask such questions by posting a comment to the original question, not by posting an "answer".

Oct 19 at 08:56 AM Cry Havok ♦
10|600 characters needed characters left
Your answer
osqa.question.ask.tags.preview.show

© 1998-2011  Dynamic Network Services Inc.  -  Legal Notices  -  Privacy Policy  -  Contacts     

Powered by Qato