Can I refer to services on ports using a friendly name?

[el_pedr0]

I'm using Merlin's firmware on my AC68U. Is it possible to somehow set it up so I can refer to services on ports via a friendly name. For example I run a logitech media server, which is currently accessed at 'myhost.internal.lan:9000'. But I would really like to set up some way of accessing it with an alias such as myhost.internal.lan/lms. From what I've gathered so far, this might be possible with some sort of reverse DNS. Can this be done on the router?

 

[ColinTaylor]

You can't do it with DNS (this question has been asked before) because DNS only deals with IP addresses, not port numbers. You can do it with a reverse proxy server by creating virtual hosts. I don't know whether it's possible to run one on the router.

 

[sfx2000]

You can't do it with DNS (this question has been asked before) because DNS only deals with IP addresses, not port numbers. You can do it with a reverse proxy server by creating virtual hosts. I don't know whether it's possible to run one on the router.

Actually it is possible - it's called a SRV record...

The other option is to use mDNS (Bonjour/Avahi) - Bonjour uses the .local Top Level Domain, and is typically running on Port 5353/UDP - easiest way to get Bonjour up and running is to install iTunes on a Windows PC - and most flavors of desktop linux already include it - as do Macs and iDevices...

 

[ColinTaylor]

Actually it is possible - it's called a SRV record...

Good point, although I don't think it can help in this case. AFAIK HTTP requests aren't allowed to use SRV (I'm assuming the OP is using a browser).

P.S. I wondered how long it would take for you to suggest mDNS (personally, Bonjour/Avahi is the first thing I remove from all my kit ).

 

[sfx2000]

Good point, although I don't think it can help in this case. AFAIK HTTP requests aren't allowed to use SRV (I'm assuming the OP is using a browser).

This makes no sense - it's an nslookup - and the port call will trigger the service record - doesn't matter what client does this..

P.S. I wondered how long it would take for you to suggest mDNS (personally, Bonjour/Avahi is the first thing I remove from all my kit ).

It's an incredibly power tech if you understand what it does - if one is doing development and doesn't have direct access to DNS directly, it's a very useful way for host resolution and service discovery...

But to each his own...

 

[ColinTaylor]

and the port call will trigger the service record - doesn't matter what client does this..

Accept is does matter what the client does. It is the client that decides what port it is sending the data over. Sure the DNS can produce a service record, but that doesn't mean anything if the client ignores it. And from what I understand the RFC for SRV prohibits its use in pre-existing protocols (like HTTP). There were draft proposals to include SRV support in HTTP but I don't think it was ever implemented (I'd be delighted to be proven wrong).

This is the only thing I could find about it at short notice:
http://stackoverflow.com/questions/9063378/why-do-browsers-not-use-srv-records
http://forums.xkcd.com/viewtopic.php?t=107380#p3516334

 

[sfx2000]

Accept is does matter what the client does. It is the client that decides what port it is sending the data over. Sure the DNS can produce a service record, but that doesn't mean anything if the client ignores it. And from what I understand the RFC for SRV prohibits its use in pre-existing protocols (like HTTP). There were draft proposals to include SRV support in HTTP but I don't think it was ever implemented (I'd be delighted to be proven wrong).

Host:Service used to have some issues with some clients years back...

This is pretty much sorted these days - comes down to what's happening in microservices and containers in the cloud...

 

[ColinTaylor]

Host:Service used to have some issues with some clients years back...

That's a pretty vague answer. Can you provide ANY proof whatsoever that browsers now support SRV records? The second link I posted explicitly stated they didn't.

This is pretty much sorted these days - comes down to what's happening in microservices and containers in the cloud...

So you're agreeing with me then. It can't be done with just the client and DNS, it has to be done on the server side.

 

[sfx2000]

Dynamic DNS (pretty much any provider there, not just DynDNS) does port redirection for home based servers where ISP's may block port 80/443 - so a SRV record is created to remap those ports over to let say, 8080/8443 - so people accessing that server just do the http/https without having to add the port number...

Used to do this all the time - even going as far as CNAME and Alias records and hosting multiple sites on a single host...

DNSMasq can do this locally with a little bit of effort for the LAN side, but for WAN, it's always best to work with the DNS provider.

It's not rocket science - and most folks miss the point about how powerful DNS can be.

 

[ColinTaylor]

Dynamic DNS (pretty much any provider there, not just DynDNS) does port redirection

Correct me if I'm wrong but AFAIK things like DynDNS' WebHop work by creating a virtual host that redirects to another host/port by using a running service (server), so in that sense it's similar to a reverse proxy. What it is not doing is just returning a DNS record and letting the client's browser do it.

DNSMasq can do this locally with a little bit of effort for the LAN side

Getting back to the original question. Can you post an example of how to do this so that myhost.internal.lan:9000 can be accessed using myhost.internal.lan/lms or lms.internal.lan

 

[el_pedr0]

Getting back to the original question. Can you post an example of how to do this so that myhost.internal.lan:9000 can be accessed using myhost.internal.lan/lms or lms.internal.lan

Thanks for the pointers - it's certainly helping get me up to speed. I'd still be very grateful for an example though.

 

[ColinTaylor]

Thanks for the pointers - it's certainly helping get me up to speed. I'd still be very grateful for an example though.

@sfx2000 we're both still waiting for you to show us how to do this with dnsmasq on the LAN.

DNSMasq can do this locally with a little bit of effort for the LAN side

 

[ColinTaylor]

Getting back to the original question. Can you post an example of how to do this so that myhost.internal.lan:9000 can be accessed using myhost.internal.lan/lms or lms.internal.lan

@sfx2000 we're both still waiting for you to show us how to do this with dnsmasq on the LAN.

@sfx2000 Hello, anybody there? It's been 2 weeks and we're still waiting for you to show us how to do this. According to you it's not "rocket science" and only requires "a little bit of effort".

DNSMasq can do this locally with a little bit of effort for the LAN side

It's not rocket science - and most folks miss the point about how powerful DNS can be.

 

[sfx2000]

@ColinTaylor - I said it already, but here's a canonical example

_http._tcp.www.example.com.  IN      SRV 0    5      80   www.example.com.
_http._tcp.www2.example.com. IN      SRV 0    5      87   www.example.com.

This will work with clients that support SRV records (unfortunately most mainstream HTTP browsers don't) - for HTTP, one can using proxy (apache mod-proxy) or nginx and play it out from there according to needs/requirements.

Like I said before - not rocket science - might have to put on the engineering hat and science the heck out of it, but it can be done.

 

[ColinTaylor]

This will work with clients that support SRV records (unfortunately most mainstream HTTP browsers don't) - for HTTP, one can using proxy (apache mod-proxy) or nginx and play it out from there according to needs/requirements.

Phew, so finally you agree with what I've been saying all along . It took you a while but you got there in the end .

Can you provide ANY proof whatsoever that browsers now support SRV records?

And you've still not provided any evidence that ANY browsers exist that support SRV records, mainstream or otherwise. Oh well.

So, having established that @el_pedr0 request cannot be done by just modifying dnsmasq we are left with my original suggestion of using a reverse proxy of some sort.

I think the most common solution used on routers is nginx which is available as an entware-ng package. It can be configured as a reverse proxy or as a redirector. See here for examples.

But to me the question is "is it really worth the effort?". Personally, I think I'd just bookmark the URL with the port number and leave it at that.

 

[sfx2000]

And you've still not provided any evidence that ANY browsers exist that support SRV records, mainstream or otherwise. Oh well.

I already said that Browsers don't - which is a bug... and it's been a long standing issue with many developers - sooner or later it's gonna be fixed there as the cloud is going to need it.

In any event - what's your point here?

 

[sfx2000]

For example I run a logitech media server, which is currently accessed at 'myhost.internal.lan:9000'. But I would really like to set up some way of accessing it with an alias such as myhost.internal.lan/lms

Depends on services and protocols - rmerlin's firmware does nice things, but it's limited to some degree...

nginx (or Apache with mod_proxy) can do this, along with some DNS records - and this is best done outside of AsusWRT - and you can still enjoy the trainwreck that AsusWRT has turned into... Eric has done great work here, but it's turning into a losing battle there with the upstream breaking things in the name of security?

DNS can basically be hosted anywhere - on the router, at the ISP, or in a box inside your network - to that end, an investment in something like an Raspberry Pi or other single board computer can extend the capability of your network.

Hosting DNS on the Pi(SBC) gives you the ability to define local DNS and Service Records - it also allows you to define hosts and services - with an HTTP service also hosted on that SBC, you can use proxy services to define port mapping across services (this is similar to what Google, Microsoft, and Amazon do with their cloud services).

These little SBC's don't cost much - RPi3 is $35USD, and it runs a big boy version of linux, not a variant of Linksys WRT54G drop from over 10 years ago...

This is a bit beyond what @ColinTaylor understands or professes to know - and that's ok - he's probably smart at something, as he's been a great contributor in other threads.

 

[RMerlin]

Let's face it, pretty much nobody uses or support SRV records. The only in-the-field, real usage I have ever seen is for SIP/VoIP.

 

[ColinTaylor]

In any event - what's your point here?

My point is that you have made a series of false claims and when challenged have failed to provide any supporting evidence, or "reinterpreted" your previous answers.

Namely, in post #5 you claimed that a browser would do a port redirect based solely on a DNS response. When challenged for proof of this you eventually changed position to suggest there were some non-mainstream browsers that could do it. Again, when asked for proof you failed to provide any. You are now claiming that lack of support for SRV records in browsers is a bug but provide no supporting evidence. Browsers do not support SRV because it is not part of their standards, so it's not a "bug".

Obviously you're someone who is incapable of admitting that you could ever be wrong.

This is a bit beyond what @ColinTaylor understands or professes to know

Really . For all your prevaricating, you're suggesting a proxy server, which is what I said in post #2. Try to keep up.

 

[sfx2000]

Really . For all your prevaricating, you're suggesting a proxy server, which is what I said in post #2. Try to keep up.

You assumed he was doing http - which OP never mentioned - anyways - this is going nowhere.

mainstream browsers don't do SRV, but there are many client/services that do - this is how the cloud works when you're working with VM's and containers.

I consider this discussion closed...