domains on internal network
from EvilCartyen@feddit.dk to selfhosted@lemmy.world on 23 Jun 05:58
https://feddit.dk/post/6336875
from EvilCartyen@feddit.dk to selfhosted@lemmy.world on 23 Jun 05:58
https://feddit.dk/post/6336875
So maybe I am missing something obvious, but here goes:
I’ve got a small server at home, and I have simply.com pointing various domains to it. Works fine, nginx routs the traffic where it needs to go.
But whenever I am at home and connected to wifi I have to use the internal address and port to reach my server, e.g. 192.168.0.192:8096 for my Jellyfin server. If I use the public URL at home, i hit the login page to my router.
This is annoying when I use apps, as I need to switch between the public URL and the internal address as I come and go from my home…
What are my options for doing something about this? I want to use the public URL at home too…
threaded - newest
I can’t remember exactly what its called, but something like
routerNAT loopback is what you want. I’ll have a look around. But if you set it right, things should work properly. It might be a router setting.Found it: community.tp-link.com/en/home/stories/…/1726
Thanks - I have an icotera i4850 router which claims to support NAT loopback, but I can’t figure out where to do it and it seems like the manual is gone from the internet :) Might have to ask my internet provider if they have a PDF somewhere.
Edit: D’oh, it’s a checkbox in the port forwarding interface! Thanks a bunch, didn’t know what to look for before your reply :)
Thanks for posting this! I have the same router.
I think the term often used is “NAT reflection”.
Never heard that term, but its a very obscure concept, so wouldn’t surprise me if it had multiple names. Probably vender specific names?
Seems quite a few people havent heard of it, hence a lot of the split DNS answers :/
Another name, depending on the exact context, is “hairpin NAT”. Should make googling with the specific router OP has easier.
Ipv6
Depending on your gateway, you may be able to override the DNS settings for a few domains that you use internally
To bypass this problem you can add your domain (with all the third level ones) to your router, pointing to your internal IP
You may have to set up split zone DNS so names resolve to private IPs when at home but resolve to public addresses when not home.
I use pihole as my home DNS to do that
This is what I do as well. I use terraform/tofu and add two entries whenever I add a new domain, one for my external provider and one for my pihole pointing at my internal IP for my home network.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
3 acronyms in this thread; the most compressed thread commented on today has 15 acronyms.
[Thread #825 for this sub, first seen 23rd Jun 2024, 06:25] [FAQ] [Full list] [Contact] [Source code]
On my Fritzbox, I needed to add all my Subdomains to a list under:
DNS Rebind Protection Your FRITZ!Box suppresses DNS responses that refer to IP addresses in its own home network (DNS rebind protection). Here you can specify exceptions for which DNS rebind protection should not apply. Do this by entering the complete name of the host (domain name including the subdomain) in the list.
That’s under network settings, advanced. In case you have that.
Indeed it is DNS rebind protection.
I use wildcard on my Fritzbox. I added
*.mydomain.comand my MyFritz address*.er467.myfritz.netImportant for everyone who makes changes on DNS rebind protection: You will need to completely RESTART your Fritzbox. Even if you add a line, or edit. One domain per line. It will not work without it ☝🏻
If your ISP provides IPv6, set that up. Everything will have a globally routed address, so your domains will work from your LAN and the internet. If you don’t have IPv6 available, get a free tunnel from Hurricane Electric.
It depends if your reverse proxy is inside your home network or outside. It should work without any other configuration if you forward ports 80&443 from external domain with something similar to rathole and configure reverse proxy inside home network.
This is not an answer to your question about using the same url, but see this article, it might be helpful. Tl;dr: mdns + reverse proxy.
Based on my setup, I use adguard to DNS rewrite all *.example.com domains to the IP of my Nginx proxy. I have the proxys setup on NPM. On my router I have adguard set as the home network DNS. Cloudflare is used as the external DNS so that the *.example.com domains work outside of my network (and point to thr Nginx server).
My setup is relatively basic, unraid dockers etc.
I strongly recommend the NAT loopback route over attempting split-horizon dns.
I did go for that 😁 was a simple checkbox in the router settings.
FYI, this is called “split horizon” DNS, where the location you get directed is based on the network you adk from. Make sure you have short TTLs set on your DNS records, or devices can have problems moving between networks and still having records cached from the prior network
usually in your router settings you can change local DNS settings. you can set your domains and subdomains to point to your server’s local IP.