Your router would need to support NAT loopback to achieve that.
Alternatively, set up the NC server so it’s accessible by the IP address itself and enter that instead of the URL when connecting from inside your home network.
What is NAT Loopback?
Defines a feature in many SOHO routers that permits access to a service via the public IP address or domain name from inside the local network. This eliminates the need to use different domain name resolution for hosts inside the network than for the public network for a website.
Author: Kevin_Z City: Cambridge Released On: 2021-03-23 Views: 10432 Helpful: 5
Another option would be to set up a DNS server inside your home, like PiHole for example, then have all the devices in your home network set up so their DNS requests are sent to the local DNS server for name resolution, so it can resolve the FQDN to your local IP address within your home network.
This doesn’t really change that a name resolution lookup request to a DNS server is required before anything is sent to the IP address of the device within your home network, though; you’ve just moved the DNS server from outside your home network to inside the home network, and the name resolution lookup is still being done against the local DNS server.
The functionality you described in your question is the feature called “NAT Loopback” available in some, but not all, routers.
Unfortunately my router does not have this function.
I tried with pihole but the problem is: I can’t enter an IP address with port (192.168.1.2:9000) in Local DNS setting in pihole. My NC is only accessible with this port. If I just enter the IP address and open nextcloud.mydomain.com in my browser, I am redirected to my host’s dashboard (QNAP dashboard in port 8080).
You need a reverse proxy to route the request to the correct ports when you have multiple services available on different ports; port resolution is not a part of domain name resolution. Alternatively, enter the port after the URL in the browser: https://[URL]:[PORT]
NB: address is an A record. Server is a DNS forward.
DNS forward: I have set in Google's DNS servers above. Because I also run my own DHCP server (DNSMASQ can be configured for this as well), I force a bypass of my ISP DNS settings. Basically you can add any public DNS server here, or add your gateway address to follow the same path as you do today for anything OUTSIDE your network.
HINT: If you want to access anything DNS blocked by ISP or government, just add address=/blocked.domain.ltd/IP and you completely bypass the DNS blockage. Or your ISP has DNS intercept, and will catch anything that reaches outside your network anyway.
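As an added illustration (not part of the original posts and not dnsmasq's own code), this Python model shows how dnsmasq-style `address=` and `server=` lines behave: an override returns only an IP address for a name and its subdomains, an entry with a port attached is rejected, and everything else is forwarded upstream. The function names and the sample config are assumptions made up for this example; only plain `address=/domain/ip` and `server=ip` lines are modelled.

```python
import ipaddress

# Constructed sample config (not from the thread): a local override, the same
# override with a port attached (the case that failed in Pi-hole), a forwarder.
SAMPLE_CONF = """\
# split-horizon override for the Nextcloud host name
address=/nextcloud.mydomain.com/192.168.1.2
address=/nextcloud.mydomain.com/192.168.1.2:9000
server=8.8.8.8
"""

def parse_conf(text):
    """Return (overrides, upstreams, errors) from dnsmasq-style lines."""
    overrides, upstreams, errors = {}, [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key == "server":
            upstreams.append(value)
        elif key == "address":
            # Layout is /domain[/domain...]/ip : the last field is the answer.
            parts = value.split("/")
            domains, target = parts[1:-1], parts[-1]
            try:
                ip = ipaddress.ip_address(target)
            except ValueError:
                # An A/AAAA answer is an address only; "ip:port" is not one.
                errors.append((lineno, target))
                continue
            for domain in domains:
                overrides[domain.lower().rstrip(".")] = str(ip)
    return overrides, upstreams, errors

def resolve(name, overrides, upstreams):
    """Answer locally if the name or a parent domain is overridden, else forward."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):          # most specific suffix first
        suffix = ".".join(labels[i:])
        if suffix in overrides:
            return ("local", overrides[suffix])
    return ("forward", upstreams[0] if upstreams else None)

if __name__ == "__main__":
    ov, up, err = parse_conf(SAMPLE_CONF)
    for lineno, target in err:
        print(f"line {lineno}: {target!r} is not an IP address (ports belong in the proxy or URL)")
    for host in ("nextcloud.mydomain.com", "sub.nextcloud.mydomain.com", "example.org"):
        print(host, "->", resolve(host, ov, up))
```

Because the override also answers for subdomains, an `address=` line written for a whole domain redirects every host under it, which is worth checking when auditing such a config.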
Thank you for your suggestion. I prefer to use Docker instead of installing it directly on Linux, because I use a QNAP NAS as my host, and QNAP has its own Linux OS. I also use Pihole to block ads and malicious links.
I understand. However, if placing the DNS in a container, you will have to do some network routing and iptables-foo. If the DNS server is on a different network than the clients, you need to set up DNS relaying and response. And this must be done, unless you go the more dangerous route of bridging your NIC so the Docker container will have a LAN IP.
Certainly. Are you running security components on the containers themselves? Do they have their own AV engine, and do you always activate iptables on the containers? The idea of docker is that you do not need to worry about the infrastructure layer, as that is covered by the docker engine and the virtual network layer on the docker engine host itself. By making a macvlan, you are completely bypassing this entire layer, and hence will need to always ensure that your containers are self-contained - also by security. And do not forget that the docker engine runs as root. So exposing a container so it bypasses the docker engine network security and proxying layer is an added attack vector to your host. If assigning LAN addresses is a thing, you should consider running docker inside an LXC container, and then assign it a macvlan, as LXC is security focussed and runs in privilege 10.000 instead of root.