From owner-freebsd-questions@FreeBSD.ORG Fri Nov 19 19:06:25 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A91216A4CE for ; Fri, 19 Nov 2004 19:06:25 +0000 (GMT) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id B84BF43D4C for ; Fri, 19 Nov 2004 19:06:24 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from [192.168.1.250] (pool-68-161-115-118.ny325.east.verizon.net [68.161.115.118]) by pi.codefab.com (8.12.11/8.12.11) with ESMTP id iAJJ6J95084351 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 19 Nov 2004 14:06:20 -0500 (EST) Message-ID: <419E4425.2000803@mac.com> Date: Fri, 19 Nov 2004 14:06:13 -0500 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3) Gecko/20040910 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Gerard Samuel References: <419E3B26.8000101@trini0.org> In-Reply-To: <419E3B26.8000101@trini0.org> X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=-4.5 required=5.5 tests=AWL,BAYES_00 autolearn=ham version=2.64 X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on pi.codefab.com cc: freebsd-questions Subject: Re: Virtual IP/DNS test results X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Nov 2004 19:06:25 -0000 Gerard Samuel wrote: > If I were to ping a hostname that is using a virtual IP address, > or if I ping a virtual IP address from just this one of the machines on > the LAN, [ ...you get an ICMP redirect... ] > Is this indicative that there is a problem with the setup??? No. What happened was you local client created an HTTP request to the public IP which the hostname in the URL resolved to. Your NAT box saw that this public IP was in fact being NAT'ed to a local host, and issued an ICMP redirect telling the client about the shorter route. If this didn't work right, your apache config probably doesn't mention the local IP in the virtualhost section or some such, but the HTTP result and/or the apache logs will give more info to track down any such details. You can also set up "split-horizon DNS" or perform similar tricks in /etc/hosts to convince machines on your LAN to lookup the www hostname as local IP rather than as public IP, which would remove the ICMP redirect from the situation entirely. -- -Chuck