[Opensim-users] NAT & Corporate Firewall
Diva Canto
diva at metaverseink.com
Tue Apr 5 14:50:29 UTC 2011
The right combination is internal=0.0.0.0 and external=domain name. If
that combination doesn't work off campus, it's either a firewall issue
or a dns issue -- your logs confirmed that was a firewall issue.
On 4/5/2011 7:34 AM, Fleep Tuque wrote:
> Gary's explanation that an IP address instead of a hostname is being
> passed to the client for the UDP handshake seems to fit the symptoms
> I'm seeing. We have verified that UDP ports are open in the firewall
> and that UDP packets can be sent and received from off campus, so I'm
> 99.99% sure that this isn't a firewall problem.
>
> I've also double checked the opensim.ini, robust.ini, gridcommon.ini,
> and region.ini files and do not have a single IP address listed
> anywhere, all the configuration options I've set use a hostname.
> However, when I try to connect with a client from off campus and
> capture packet traffic with Wireshark, I see the TCP packets being
> sent to the right destination IP address, but the UDP packets are
> being sent to an internal IP address (10.23.23.x) which of course will
> never work from off campus. Something is sending the client that
> internal IP address to be sure! :)
>
> - Chris/Fleep
>
>
> Chris M. Collins (SL: Fleep Tuque)
> Project Manager, UC Second Life
> Second Life Ambassador, Ohio Learning Network
> UCit Instructional & Research Computing
> University of Cincinnati
> 406E Zimmer Hall
> PO Box 210088
> Cincinnati, OH 45221-0088
> (513)556-3018
> chris.collins at uc.edu <mailto:chris.collins at uc.edu>
>
> UC Second Life: http://homepages.uc.edu/secondlife
> OLN Second Life: http://www.oln.org/emerging_technologies/emtech.php
>
>
>
>
>
> On Tue, Apr 5, 2011 at 7:57 AM, Diva Canto <diva at metaverseink.com
> <mailto:diva at metaverseink.com>> wrote:
>
> On 4/4/2011 9:23 PM, Gary Beck wrote:
>
> Diva Canto wrote:
>
> DNS resolution is made by the client. The server simply
> passes the name over. Make sure to use domain names
> consistently in all configuration files.
>
> ----------------------------------------------------------------------
> My testing seems to show the IP address rather than domain
> name is passed to the client for region/UDP.
>
> I have one region using ExternalHostName=SYSTEMIP and the
> others using ExternalHostName=something.dyndns-mail.com
> <http://something.dyndns-mail.com>
> I run Opensim 0.7.0.2 on a VISTA system, stand alone mode,
> client access both local and external, NAT loopback on.
> All that works fine.
>
>
> SYSTEMIP is an IP address. If that's what you have, that's what
> will be sent to the client.
> I suggest people people use domain names everywhere for
> ExternalHostName and do local DNS mapping if necessary -- this may
> be needed in home networks.
>
>
> One other item I found that suggests IP addresses are being
> passes rather than domain names is the Entity Transfer Module
> entries in the server log
> 2011-04-04 22:24:53,759 INFO -
> OpenSim.Region.CoreModules.Framework.EntityTransfer.EntityTransferModule
> [ENTITY TRANSFER MODULE]: Starting to inform client about
> neighbour 999, 999(174.124.181.36:9009
> <http://174.124.181.36:9009>)
>
>
> This has nothing to do with client communications -- it's the
> backend server-to-server communications for handing the agent over
> to the other sim.
>
>
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de <mailto:Opensim-users at lists.berlios.de>
> https://lists.berlios.de/mailman/listinfo/opensim-users
>
>
>
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-users/attachments/20110405/f633609e/attachment.html>
More information about the Opensim-users
mailing list