How to remote access to Yun on port other than 80??

I am using Linux with Apache server installed. Apache server is using port 80, thus I would like to be able to access Yun on different port instead. Although I managed to test Yun working on port 80 but I have not been able to get it working on other port (e.g. 5555, 7000, 8080, etc.). What do I need to configure if I want to be able to access Yun on port beside 80??

Blk19U0102: I am using Linux with Apache server installed. Apache server is using port 80, thus I would like to be able to access Yun on different port instead. Although I managed to test Yun working on port 80 but I have not been able to get it working on other port (e.g. 5555, 7000, 8080, etc.). What do I need to configure if I want to be able to access Yun on port beside 80??

Not quite sure what the issue is to begin with, as you are not running Apache on the Yun, right?

If you are referring to a possible portforwarding issue, most proper routers can handle the port translation. No need to mess with changing ports on the device either...

Ralf

I have a home network with multi pc connected, with internal static IP assigned (192.168.X.X). My webserver (Apache) is accessible from external (static public IP) at port 80. If I dismount Apache from port 80 and use port 80 for Yun instead, I will be able to access Yun external as well and it is working. There is no issue with port forwarding from my router. However, when I try to use different port (e.g. 5555, 7000, 8080, etc.) for Yun, it does not work. Hope this clarifies my setup.

Have you tried forwarding port, say, 8080 on your router to yun's 80 and accessing the yun using EXTERNAL_IP:8080 ?

Are you doing the test while connected to a network that is not your home local one?

Blk19U0102: I have a home network with multi pc connected, with internal static IP assigned (192.168.X.X). My webserver (Apache) is accessible from external (static public IP) at port 80. If I dismount Apache from port 80 and use port 80 for Yun instead, I will be able to access Yun external as well and it is working. There is no issue with port forwarding from my router. However, when I try to use different port (e.g. 5555, 7000, 8080, etc.) for Yun, it does not work. Hope this clarifies my setup.

Not sure what you did, but it certainly works for me. I do this will all my devices, multiple web servers, on multiple external ports, without even changing the local listening port on any of them...

Ralf

I have managed to get it working now. I have configured Yun to listen to port 5555 (in addition to port 80). So now i can talk to Yun on port 80 or 5555. I have edited the /etc/config/uhttpd file to make this work. Thank you for all the help :) :) :).

How do you changed the etc/config/uhttpd file. Could you please explain me step by step. Thank you!

Mondeo: How do you changed the etc/config/uhttpd file. Could you please explain me step by step. Thank you!

  • Open an SSH session to your Yun using something like Terminal (Mac, Linux) or PuTTY (Windows)
  • Change to the /etc/config directory
  • use your favorite text editor, like nano, to edit the file

For example, once the SSH session is established:

cd /etc/config
nano uhttpd

If you want to use nano, and don't have it installed:

opkg update
opkg install nano

Mondeo: How do you changed the etc/config/uhttpd file. Could you please explain me step by step. Thank you!

1) ssh into your Yun 2) change directory to file location: cd /etc/config 3) edit with vi(1) : vi uhttpd

NOTE: Another file for configuration exists /etc/httpd.conf. It is a helper file.

Jesse

jessemonroy650: 1) ssh into your Yun 2) change directory to file location: cd /etc/config 3) edit with vi(1) : vi uhttpd

NOTE: Another file for configuration exists /etc/httpd.conf. It is a helper file.

Jesse

What would I type in the uhttpd file once I have it in edit mode (vi uhttpd) to make the arduino yun listen to port 8888 in addition to port 80?

Typing out ShapeShifter's recommendation:

nano /etc/config/uhttpd
       # HTTP listen addresses, multiple allowed
        list listen_http        0.0.0.0:8888
/etc/init.d/uhttpd  stop
/etc/init.d/uhttpd  start

Is it possible to change the port from another remote server using PHP?? I need to be able to automatically change the port number when the Yun connects to my main host server.

gwiz: I need to be able to automatically change the port number when the Yun connects to my main host server.

This sounds like a very curious thing to do. What are you actually trying to accomplish? Why do you think you need to change the Yun's HTTP listener port number when it connects to a server? What is the actual problem you are trying to solve?

This smells very much like the Classic X-Y Problem. (Read the linked topic.)

This sounds like it should be a new topic, rather than bring back a year old topic that may only be tangentially related to the actual problem (if it's actually related at all.)

I actually figured it out. I simply establish an SSH connection at the root with the yun in PHP and then send it commands to change the port by searching for it and then replacing it with the number I want.

ShapeShifter: Why do you think you need to change the Yun's HTTP listener port number when it connects to a server? What is the actual problem you are trying to solve?

I could potentially have over 200 on a single network and need to be able to route the LAN IP's accordingly.

gwiz: I could potentially have over 200 on a single network and need to be able to route the LAN IP's accordingly.

This still doesn't make any sense - one of us just isn't getting the point, I'm not sure who it is.

So you have up to 200 Yuns on a single network? No problem, as long as they all have different IP addresses, which becomes a simple task with a DHCP server. They can (and really should) all be listening on the same incoming port number - if they all used different ports, it would be a configuration nightmare for the sever to keep track of not only all the IP addresses, but also the port numbers for each unit. On top of all of that, I can't see why you would want to then change that listener port number when the Yun makes a connection to a server? It makes no sense.

Perhaps you misunderstand what TCP/IP ports are and how they work? Or are you using the wrong term here and you mean something else?

My main server will establish remote connections periodically with the yun. In the initial setup when the board is first powered up, it makes a GET request to the main server. It gives the server it's LAN IP. The LAN IP already has a corresponding port established for it in the database. So when the YUN gives it's LAN IP to the server, the server looks up the corresponding port number of the IP in the database and reply's with the port number to the YUN. The YUN then reconfigures the default listening port to listen on that port.

Now when the server goes to establish a connection with the yun it simply query's the WAN IP and that port number. The router will then forward the TCP connection to that specific port which has the LAN IP attached to it. The only other way I can think of to do this is through DNS Host Mapping, but that would actually be harder to configure. Instead of setting two ranges, one for the IP's and one for the ports, I have to specify a DNS host name for each IP. If there is a better way of doing this please educate me as I am still learning a lot of this stuff. Thanks

Thanks for the clarification. So, if I read this right, you have a bunch of Yun's on a private LAN, with a router, and the server is on the public WAN side of the router. The server needs to be able to make requests directly kto any Yun, through the router. Is that correct?

ShapeShifter: This smells very much like the Classic X-Y Problem. (Read the linked topic.)

So it is indeed the classic X-Y problem: you are fixated on a problem you ran into while trying to implement a particular solution, but that may not be the ideal solution.

I'm not a networking guru, so hopefully with a clearer problem statement, someone more experienced will step in (Jesse?)

When the server is trying to make a connection to a specific Yun, the only address it can use is the public WAN address, so it makes sense to use a different listener port to select a particular Yun. The router that serves that WAN address then uses that port number to forward that request to the correct Yun. But during that forward, it can also change the port number, so that all of the Yuns can listen on the same port. It seems to me that this is a router configuration issue, not a Yun configuration problem.

Your server already has a mapping of LAN addresses to port numbers, and you need a corresponding list of port forwards in the router. I imagine you currently have the port forwards set up like this in your router:

  • Incoming requests on port A get forwarded to IP address A port A
  • Incoming requests on port B get forwarded to IP address B port B
  • Incoming requests on port C get forwarded to IP address C port C
  • And so on...

And it's because that each Yun uses a different listener port that you are in this situation. I would think you just need to change the destination port in the router's port forward table:

  • Incoming requests on port A get forwarded to IP address A port 80 (or whatever fixed listener port you want.)
  • Incoming requests on port B get forwarded to IP address B port 80
  • Incoming requests on port C get forwarded to IP address C port 80
  • And so on...

Be aware that if you are exposing your Yuns to the public Internet, that you are also exposing them to attack. You need to take security into account on each Yun. If an attacker compromise a Yun, they not only have access to that system, but can use it as a vector to access to any other system or resource on the network. I'm also not a security expert, so I can't give you specific advice, but I know enough that you must be very careful here.

Am I on the right track? Or do I still miss the point of the problem.

Plan A:

Reverse Proxy and HTTP Redirects:

|500x298

https://docs.trafficserver.apache.org/en/5.3.x/admin/reverse-proxy-http-redirects.en.html

Leave Yun with static IP.

first One: 192.168.X.1 ... 200: 192.168.X.200

Setup Linux box ( Raspberry Pi Zero: the $5 computer ), load Apache.

Apache Mapping Rules:

redirect http://yun1.yunfarm.org http://192.168.X.1
redirect http://yun2.yunfarm.org http://192.168.X.2
...
redirect http://yun200.yunfarm.org http://192.168.X.200

Setup DNS yunX.yunfarm.org point to WAN IP (Public IP)

ShapeShifter: (...) I would think you just need to change the destination port in the router's port forward table:

  • Incoming requests on port A get forwarded to IP address A port 80 (or whatever fixed listener port you want.) (...) [/list] Be aware that if you are exposing your Yuns to the public Internet, that you are also exposing them to attack. You need to take security into account on each Yun. If an attacker compromise a Yun, they not only have access to that system, but can use it as a vector to access to any other system or resource on the network. I'm also not a security expert, so I can't give you specific advice, but I know enough that you must be very careful here.

This definitely helped me setting up my router correct! (I have only one yun ;)) Is asking for 'how to add a little security' seen as hacking this topic too much (ie, do I need to start a new one) or can someone post a link/do a little story on it?