[PLUG] FTP server question
Carlos Konstanski
ckonstanski at pippiandcarlos.com
Wed Sep 19 13:52:50 UTC 2007
Robert Kopp writes:
> I'm not quite sure what I'm getting into. I'd like to serve files to a few friends, files that are too large to send as file attachments. So it seems to me that an FTP server might be the way to go:
>
> >sudo apt-get install proftpd
>
> But I'm not quite done yet. The host computer gets an IP address from a router (it's on a LAN), and the router gets its address by DHCP from the ISP. Leases can last a long time; but this probably complicates DNS resolution. Can someone give me advice on how to proceed? Do I need to change the TOPOLOGY?
>
> Robert "Tim" Kopp
> http://analytic.tripod.com/
The topology needs to look like this, from the outside in:
- A publically-available interface. This is your DSL or cable modem.
I have found that most DSL modems do routing and NAT, while most
cable modems simply pass through the connection un-routed and
un-natted. Whatever the case may be, public access to this device
must be reliable. Bill's suggstion of a dynamic dns service applies
here. There are internet services available for keeping your
dynamic IP pinned to a hostname. Try http://www.no-ip.com/ , or
consider getting a static IP address - better. The end result is
that your DNS name must resolve to a valid IP address, evan if that
IP address changes once in a while. Or you could just hand out your
IP address, but you're hating it if it changes.
- A router. Since the machine running the FTP service is not directly
connected to the internet, something has to forward the traffic from
the external interface to the interface on the FTP machine. Perhaps
your DSL modem is also a router, or maybe you have a D-Link or
Linksys router (or something similar), or maybe you are using a
linux box with 2 NICs and iptables as your router. Whatever your
router may be, you have to configure it to pass TCP ports 20 and 21
to the FTP machine. Also, as a separate step, the router has to be
told to allow WAN traffice from these ports. It doesn't do any good
to forward the packets if they are blocked at the front door.
- An FTP machine. This machine needs to be easily locatable by your
router, just as your external IP address needs to be easily
locatable by the people who want to find your FTP server. If you
are using an appliance router (DSL modem/router, D-Link, Linksys,
etc.), there is probably a feature allowing you to give your FTP
machine a DHCP reservation. This means that any time a DHCP lease
request comes form a particular MAC address, it is given the same
preconfigured IP address.
BTW, I would caution against using sudo for non-trivial root
commands. sudo does not load root's environment. You do not have
root's PATH, for example. Get a real root shell instead. sudo is
suitable for chown, chmod, and other single-action commands that do
not depend on the environment.
--
Carlos Konstanski
More information about the PLUG
mailing list