network/routing wonkiness

[Michael Hipp]

On 2012-07-22 3:12 PM, Lonni J Friedman wrote:
> For years, my home network has experienced a strange routing quirk
> which has mystified me.  For reasons that I'd prefer not to bore
> anyone with, I won't get into why I'm speaking up about it now.  The
> issue is as follows.  I run a web server on my home network, and all
> the IP addresses on this network are non-routable (10.xxx.xxx.xx).
> That same webserver is accessible over the internet, with a real,
> routable (quasi)static IP address.  If any device/system on my home
> network attempts to access the webserver, it will timeout & fail 100%
> of the time.  However, if I hard code the non-routable static IP of
> the webserver in /etc/hosts with the same internet accessible domain
> name, then any system on my home network can access the webserver just
> fine.  Note, this is *not* a port issue.  I'm able to hit the same
> apache server port regardless of whether I'm inside the network, or
> out on the internet.
>
> What I'm failing to grasp is why I am seemingly unable to route
> traffic from my home network out over the internet, and back to my
> webserver.  Either I've got something bizarre misconfigured somewhere,
> or there's some law of networking that I'm not grasping.

I had a similar problem on my network  being routed by a dd-wrt box 
(linux), the solution was to put in a rule that the dd-wrt authors 
evidently forgot:

iptables -t nat -I POSTROUTING -o br0 -s 192.168.0.0/24 -d 
192.168.0.0/24 -j MASQUERADE

I'm a bit of a dunce on iptables, but basically it routes things that 
would go to a port on an external IP address and sends them to an 
internal address instead.

Michael