On Mon 03 Aug 2020 at 18:52:24 (-0500), Nate Bargmann wrote: > * On 2020 03 Aug 14:16 -0500, David Wright wrote: > > The home PC that I'd be trying to contact has a 192.168.n.n IP address > > given to it by my primary router. But the router's external address is > > obtained by its DHCP client talking to my ISP's DHCP server. It's not > > obvious to me how to query the router's client except by logging in to > > the router's web interface and reading the number from the screen. > > (It's a $38 consumer grade.) > > Is it possible for you to assign a specific IP address for a given > machine's MAC address from the router? That is what I do. My machines > request DHCP and the router serves each the same address that I have > configured for them in the router. Dynamically served static IP > addresses, if you will.
Yes, except that I have the hosts listed in /etc/hosts on each machine as well as reserved in the router (the latter does not serve DNS). > Let's say machine 1 always gets 192.168.1.1 and machine 2 gets > 192.168.1.2 from the router's DHCP server. To SSH into each from the > public Internet set up port forwarding on the router. OpenWRT also > allows port translation and some off the shelf routers do not. As I use > OpenWRT, all of the machines on my LAN listen on port 22 for SSH. Then > I set up the port forwarding table similar to: > > Incoming port Machine Port > 10022 192.168.1.1 22 > 20022 192.168.1.2 22 > > If your router does not do port translation then set up each machine SSH > deamon to listen to the same port, 10022 and 20022 respectively. I had > an ISP in the past that blocked incoming ports below 1024 so I had to > use higher ports any way as I could not reach my router on port 22 from > the public Internet. > > Another approach is to only have one machine handle incoming SSH > requests, in other words, only forward one port number from the public > Internet to that machine. Then SSH from it to others on your LAN. > > There are several approaches. In each case use public key > authentication and disable password authentication. Yes, all those are simple to set up. But none of that helps determine the IP address of *your router* at home in Old Podunk, USA when you're sitting in a hotel in Cocks, England. Cheers, David.