locked
WHS is on the internet. How can I get my other computers there too? RRS feed

  • Question

  • One of the most impressive things that WHS has done for me is give me a spot on the internet with Windows Live Custom Domains.  How can I get the other computers on my LAN on to the internet too?
    Thursday, November 13, 2008 10:07 PM

Answers

  • The whole issue is bound up in the basic function of the router which is Network Address Translation, NAT:

    http://en.wikipedia.org/wiki/Network_Address_Translation

    The router for the LAN is what has an address on the internet.  The port forwarding system in the router, also known as NAT is what allows the users on the LAN to make requests from their various IP addresses out to other IP addresses on the internet.  The router tracks these requests and sends them out from its address on the internet.  From the internet all these requests appear to come from the router itself.

    It is not possible to turn this around so that the router forwards different requests to different IP addresses in the LAN accept by the process of port forwarding.  The IP addresses in the LAN are private addresses and have no record on any DNS out there on the internet.  But the router is the one making requests to the internet and receiving requests from the internet and the router has only one address.  If the router itself has more than one address, then conceivably it could forward a second IP address to some second server without using a different port.

    Could a local DNS manage subdomains by assuming authority on the internet for subdomain addresses?  This is a guess on my part, but in the end, you are still stuck with the basic function of the router which is to respond to only one IP address.  Even if you were to send out the public address of some machine on the LAN in response to a subdomain query to a LAN DNS server, the requester is still stuck with the router and some public IP address which is useless on the internet.

    • Marked as answer by pksky Saturday, November 15, 2008 4:47 PM
    Saturday, November 15, 2008 4:45 PM

All replies

  • Well if you are using one connection behind a router, you can use "port forwarding" to get to different services on other computers. WHS obviously uses port 80, 443, and 4125... but many others are free to configure.
    Thursday, November 13, 2008 10:52 PM
  • Hi,
    an important question is, which operating system runs on these computers and which services do you wish to access through the Internet.
    Also don't forget, that you could open your PCs for direct hacker and virus attacks by opening them for direct access from the Internet.
    Best greetings from Germany
    Olaf
    Friday, November 14, 2008 7:39 AM
    Moderator
  • First, why do you want to expose all your home computers directly to the internet? If you want remote desktop access, WHS already gives you that (with supported versions of Windows operating systems). I'm not sure what other access you think you would need.

    Also, if you expose your systems in this way, you're making them available for malefactors to attempt to hack them. While it's not true that Windows is less secure than other operating systems, it is true that there are better tools available to script kiddies for hacking Windows than other OSes, so you would be taking a significant risk.
    I'm not on the WHS team, I just post a lot. :)
    Friday, November 14, 2008 12:24 PM
    Moderator
  • "Well if you are using one connection behind a router, you can use "port forwarding" to get to different services on other computers. WHS obviously uses port 80, 443, and 4125... but many others are free to configure."

    So I could just attach a different port to my WHS name, myname.homeserver.com:1234, and forward the port to one of my other LAN machines? 

    Is there any other way?  Could I create a subdomain, myhost.myname.homeserver.com and set up a LAN DNS to direct it and would DNS's on the internet direct to my LAN's DNS?  I've done a little reading and I wonder if once I get a domain, then my local DNS assumes authority over the subdomains.  Is that right?
    Friday, November 14, 2008 4:58 PM
  •  Hi,
    pksky said:

    So I could just attach a different port to my WHS name, myname.homeserver.com:1234, and forward the port to one of my other LAN machines? 

    Is there any other way?  Could I create a subdomain, myhost.myname.homeserver.com and set up a LAN DNS to direct it and would DNS's on the internet direct to my LAN's DNS?  I've done a little reading and I wonder if once I get a domain, then my local DNS assumes authority over the subdomains.  Is that right?

    Port forwarding is the only option. Your router will not know more than that it has been addressed with its external IP address and a port. Dependent from the port the router will decide to allow/forward incoming traffic or to block it.

    homeserver.com does not provide second level sub domains.
    You can use which ever DNS name you want (also multiple names), a fixed IP address or a dynamic, finally each attempt to access your intranet or a machine in it will go through the router. So each attempt is knocking on the same door.

    If you want a separate website, there are a lot of webhosters offering their services.
    Don't forget as well, that the download speed of external users is the upload speed of your Internet connection, divided through the number of parallel users downloading stuff from your side. And this upload speed is usually much slower than the download speed for your home PCs.

    Best greetings from Germany
    Olaf
    Friday, November 14, 2008 7:15 PM
    Moderator
  • Olaf Engelke said:

    ....

    Port forwarding is the only option. Your router will not know more than that it has been addressed with its external IP address and a port. Dependent from the port the router will decide to allow/forward incoming traffic or to block it.

    homeserver.com does not provide second level sub domains.

    You can use which ever DNS name you want (also multiple names), a fixed IP address or a dynamic, finally each attempt to access your intranet or a machine in it will go through the router. So each attempt is knocking on the same door.

    ....



    Generally speaking, how do I host more than one server to the internet through a router?
    Friday, November 14, 2008 7:34 PM
  • Different servers, different incoming ports, forwarded to whatever port you wish to access on the server.
    Dynamic DNS Services allow you to register different domain names pointing to the same router, but I assume, you cannot put the port into that configuration, since a port is not part of a DNS record.
    So the user of the server has to know the name and the port of that web service to access the proper server directly.

    Best greetings from Germany
    Olaf 
    Friday, November 14, 2008 7:42 PM
    Moderator
  • In WHS, if I go to Internet Information Services Manager under the Administrative Tools, and I look up Help I see that one of the features of IIS in WHS is that you can host multiple websites using different IP addresses off of the same server. 

    How do I reach these different IP addresses through a router?
    Friday, November 14, 2008 9:01 PM
  • I think you would be well served by studying Internet Information Server (IIS) configuration and operation, plsky. A good place to start might be Microsoft's IIS online community IIS.Net.

    In general, though, you would configure your network so that more than one IP address points to your server. (Note that this may cause functionality issues for your client PCs, as they may suddenly find the server unreachable through the connector because the network is configured to prefer the wrong IP address.) Then in IIS you would assign one web site to one IP address, and another web site to another IP address. You would use a sophisticated router that could either map different incoming ports to the same port on different IP addresses, or your might use a "reverse proxy proxy server" (Microsoft's ISA can do this) to deal with making sure the right request reaches the right IP address.

    Since none of this can be done through the console, it's all unsupported on WHS, and (honestly) not recommended because of the issues involved. If you need the ability to host multiple web sites, you would definitely be much better off finding a cheap but reliable web presence/hosting provider. I use LunarPages, but there are dozens of good ones out there.

    I'm not on the WHS team, I just post a lot. :)
    Friday, November 14, 2008 10:09 PM
    Moderator
  • Ken Warren said:

    I think you would be well served by studying Internet Information Server (IIS) configuration and operation, plsky. A good place to start might be Microsoft's IIS online community IIS.Net.


    In general, though, you would configure your network so that more than one IP address points to your server. (Note that this may cause functionality issues for your client PCs, as they may suddenly find the server unreachable through the connector because the network is configured to prefer the wrong IP address.) Then in IIS you would assign one web site to one IP address, and another web site to another IP address. You would use a sophisticated router that could either map different incoming ports to the same port on different IP addresses, or your might use a "reverse proxy proxy server" (Microsoft's ISA can do this) to deal with making sure the right request reaches the right IP address.

    Since none of this can be done through the console, it's all unsupported on WHS, and (honestly) not recommended because of the issues involved. If you need the ability to host multiple web sites, you would definitely be much better off finding a cheap but reliable web presence/hosting provider. I use LunarPages, but there are dozens of good ones out there.



    The truth is, I've done some experimenting and all I had to do to use WHS to host more than one website with different IP addresses -- besides create the test websites themselves -- was to add the IP addresses to my NIC.  You can assign more than one IP Address to your NIC.  That's all it takes to reach the different websites with different IP addresses on WHS from my LAN.  All the machines on my LAN can reach each other as servers and the different websites that existed on my one WHS from the LAN using the private IP addresses.  This is easy.  But I found that once I had added additional IP addresses to WHS's NIC, then the provided domain name is no longer working.

    Sure, I've used commercial hosting on the internet and I still do and find it useful.  But, obviously, commercial hosting must be hosting all those servers through some kind of router/gateway.  Each machine provided to a client, or each website provided on a server to a client must be hosted to the internet through some kind of router with all the associated addressing and naming.  Why shouldn't I want to do the same thing myself?

    WHS is a brutally simple and inviting server for the professionally uninitiated.  You take it home, you plug it in or install the software and suddenly you have a spot on the internet.  It's free.  WHS assumes you are on a LAN.  Most of the expected clients on this LAN, XP Pro at least, have the potential to host a website.  WHS's very marketing provokes the question,  How do I get the rest of my computers on the LAN that MS expects me to have on the internet?  And what about the rest of my non-MS machines?  I should be able to get them there too with the insights provoked in me by this new wonderful piece of software.

    "Your potential is our passion."

    Indeed.
    Friday, November 14, 2008 11:42 PM
  • It's still the same external IP address with only a different IP address in your LAN.
    So you will still have to work with ports.

    And as mentioned by Ken - hosting different websites on WHS is not supported and become troublesome, if you have ever to do a server reinstall.
    Best greetings from Germany
    Olaf
    Saturday, November 15, 2008 12:37 AM
    Moderator
  • The whole issue is bound up in the basic function of the router which is Network Address Translation, NAT:

    http://en.wikipedia.org/wiki/Network_Address_Translation

    The router for the LAN is what has an address on the internet.  The port forwarding system in the router, also known as NAT is what allows the users on the LAN to make requests from their various IP addresses out to other IP addresses on the internet.  The router tracks these requests and sends them out from its address on the internet.  From the internet all these requests appear to come from the router itself.

    It is not possible to turn this around so that the router forwards different requests to different IP addresses in the LAN accept by the process of port forwarding.  The IP addresses in the LAN are private addresses and have no record on any DNS out there on the internet.  But the router is the one making requests to the internet and receiving requests from the internet and the router has only one address.  If the router itself has more than one address, then conceivably it could forward a second IP address to some second server without using a different port.

    Could a local DNS manage subdomains by assuming authority on the internet for subdomain addresses?  This is a guess on my part, but in the end, you are still stuck with the basic function of the router which is to respond to only one IP address.  Even if you were to send out the public address of some machine on the LAN in response to a subdomain query to a LAN DNS server, the requester is still stuck with the router and some public IP address which is useless on the internet.

    • Marked as answer by pksky Saturday, November 15, 2008 4:47 PM
    Saturday, November 15, 2008 4:45 PM
  • I suggest you go back and re-read what I wrote above. A reverse proxy server such as Microsoft's ISA Server is capable of dealing with the scenario you're asking about. 

    However, the whole topic is very far afield from Windows Home Server, which is a small, simple server "appliance" that sits on a home network, doing the things that a typical home user needs. You see ISA, sophisticated routers, multiple web servers, etc. in a datacenter, not the average home.
    I'm not on the WHS team, I just post a lot. :)
    Saturday, November 15, 2008 6:40 PM
    Moderator
  • Ken Warren said:

    ....

    However, the whole topic is very far afield from Windows Home Server, which is a small, simple server "appliance" that sits on a home network, doing the things that a typical home user needs. You see ISA, sophisticated routers, multiple web servers, etc. in a datacenter, not the average home.

    ....


    But it was hardly ten minutes ago when the "average home" didn't have a computer at all.  Now everybody has a LAN and right now, a server to go with it.  All the issues brought to bear on the "average home" user in adding a server beg the question, "What about a second server?".  Home LANs cropped up so fast that it was easy to miss that the average user was now communicating with a second computer in the home, typically a laptop is my guess.  When I first started shopping around for a DSL connection a couple of years ago, I was stunned to find that you could hardly find a service at all that would support anything less than connecting through a router.

    And we will ignore the more adventurous users out there banging around with Linux.
    Saturday, November 15, 2008 8:03 PM
  • I'll confirm that port forwarding works.  If you can catch me hooked up with my 56K, try ...

    http://symbiota.homeserver.com:85

    http://symbiota.homeserver.com:90

    These are two different Linux machines on my LAN.  All it took was forwarding the respective 85 and 90 ports to the respective private IP addresses.  The ports were chosen arbitrarly, making sure that they were not taken.
    Saturday, November 15, 2008 8:12 PM