Mapping Different DDNSes to Different Computers/Hosts?

[darkarn]

Hi guys, how can I map different DDNSes to different computers, instead of one DDNS to many computers?

As in, here's what I am doing now:

abc.ddns.net => AC-66U's WebGUI (I don't like how the DDNS is set to point to the router's WebGUI upon setup, will be great if I can do something about this)

abc.ddns.net:123 => Computer 1 (pointed to its port 80)
abc.ddns.net:234 => Computer 2 (pointed to its port 80)
...

All these are done in the DDNS and port forwarding GUI. While it works, the idea of having to type additional numbers behind the DDNS is kinda weird. Besides that, I also am concerned about accidental access to my router's WebGUI (which I locked down via disallowing access to it via WAN and allowed only specific LAN addresses) and running out of ports e.t.c.

So, what I will like to do is this instead:

abc.ddns.net => Computer 1
def.ddns.net => Computer 2
...

Is the new setup possible under Merlin? I understand that there are services like DNS-O-Matic that can help in getting multiple DDNSes under one router, but it appears to need Tomato or DD-WRT.

Thanks!

 

[ryzhov_al]

So, what I will like to do is this instead:

abc.ddns.net => Computer 1
def.ddns.net => Computer 2

This is called a reverse proxy. You can use nginx from Entware repo.

 

[RMerlin]

A DDNS is nothing more than a DNS entry. DNS entries do not contain port information, they only contain host names and IPs. It doesn't "point" to the router's webui, it points to the router as a device, and the client is the one deciding to which port it wishes to connect on that device. That's why a web browser will show the router's webui, but an SSH client will show the router's SSH login.

What you actually want is for port 80 to point to something else than the router's port 80. This isn't related to DDNS, and involves configuring a web server that will be setup as a proxy.

 

[alessandro893]

1. Add your dns enteries to "/jffs/configs/dnsmasq.conf.add" or make local dns server (local-access).
exmple:

/jffs/configs/dnsmasq.conf.add:
addn-hosts=/jffs/hosts.local

/jffs/hosts.local:
192.168.1.1 router.ddns.net
192.168.1.2 abc.ddns.net
192.168.1.3 def.ddns.net
______________________________________________________________________
2. Point different ddns enteries to different ports (www-access).
exmple:

abc.ddns.net => ddns.net:81 => 192.168.1.2:80 (Computer 1)
def.ddns.net => ddns.net:82 => 192.168.1.3:80 (Computer 2)

 

[darkarn]

This is called a reverse proxy. You can use nginx from Entware repo.

Thanks, let me check that out... The Entware stuff looks tricky though; I hope it can survive future FW upgrades (especially those that erase the JFFS partitions)

A DDNS is nothing more than a DNS entry. DNS entries do not contain port information, they only contain host names and IPs. It doesn't "point" to the router's webui, it points to the router as a device, and the client is the one deciding to which port it wishes to connect on that device. That's why a web browser will show the router's webui, but an SSH client will show the router's SSH login.

What you actually want is for port 80 to point to something else than the router's port 80. This isn't related to DDNS, and involves configuring a web server that will be setup as a proxy.

Hmm... That makes sense come to think of it... Will using nginx as suggested earlier be like the configuring of web server as you suggested?

1. Add your dns enteries to "/jffs/configs/dnsmasq.conf.add" or make local dns server (local-access).
exmple:

/jffs/configs/dnsmasq.conf.add:
addn-hosts=/jffs/hosts.local

/jffs/hosts.local:
192.168.1.1 router.ddns.net
192.168.1.2 abc.ddns.net
192.168.1.3 def.ddns.net
______________________________________________________________________
2. Point different ddns enteries to different ports (www-access).
exmple:

abc.ddns.net => ddns.net:81 => 192.168.1.2:80 (Computer 1)
def.ddns.net => ddns.net:82 => 192.168.1.3:80 (Computer 2)

I am confused at Part 2; do I need n+1 DDNSes instead of just n DDNSes, where n = no. of hosts? Also, I don't see anything about www-access when Googling dnsmasq...

 

[RMerlin]

Hmm... That makes sense come to think of it... Will using nginx as suggested earlier be like the configuring of web server as you suggested?

I've never configured a proxy with nginx but it should be possible, yes


Sent from my Nexus 9 using Tapatalk

 

[alessandro893]

I am confused at Part 2; do I need n+1 DDNSes instead of just n DDNSes, where n = no. of hosts? Also, I don't see anything about www-access when Googling dnsmasq...

ONE DDNS, but few subdomains (third-level or fourth-level domains).

www-access - I mean access from outside.

 

[jochenthomas]

1. Add your dns enteries to "/jffs/configs/dnsmasq.conf.add" or make local dns server (local-access).
exmple:

/jffs/configs/dnsmasq.conf.add:
addn-hosts=/jffs/hosts.local

/jffs/hosts.local:
192.168.1.1 router.ddns.net
192.168.1.2 abc.ddns.net
192.168.1.3 def.ddns.net
______________________________________________________________________
2. Point different ddns enteries to different ports (www-access).
exmple:

abc.ddns.net => ddns.net:81 => 192.168.1.2:80 (Computer 1)
def.ddns.net => ddns.net:82 => 192.168.1.3:80 (Computer 2)

Hi I was pointed to this thread, I am looking as well to forward DSN based external requests to different internal IP's on different ports.

# point domainA.com     to 192.168.1.111     (= Web server, ports 80/443)
# point    sub.domainA.com to 192.168.1.555:3389     (= RDP, tcp+udp port 3389)
# point domainXYZ.com   to 192.168.1.77:123   (= exemplarily for differnt dom

But I am unsure if I understand correctly.
Please can you check or change each file content if not correct:

File 1: /jffs/configs/dnsmasq.conf.add

addn-hosts=/jffs/hosts.local

File 2: /jffs/hosts.local

domainA.com      192.168.1.111
sub.domainA.com    192.168.67.555:2289
domainXYZ.com      192.168.1.77:123

Thanks in advance.

 

[bbsc]

admin@RT-AC66U:/tmp/home/root# cat /tmp/etc/dnsmasq.conf | grep interface
interface=br0
admin@RT-AC66U:/tmp/home/root#

dnsmasq does not listen WAN. I'm afraid those conf.add's won't work from outside.
The router itself does not know anything about domains as said in the post #3.

You need something listening port 443 or 80 (or whatever is open in the corporate network) on WAN and analyzing queries.
It can be nginx as said in the post #2.

 

[jochenthomas]

That's sad ;-) But thanks for the answer.
O.k. the idea was to have it already in the router working and not on a different machine. But as I have nginx working for web server I will use it for the mentioned purpose...

 

[bbsc]

the idea was to have it already in the router working and not on a different machine

What's the problem? Just install it on the router from Entware.

 

[jochenthomas]

o.k. never played with Entware, thanks for suggestion ;-)

 

[darkarn]

Ah, real sorry for these late replies, was busy with school and stuff...

I've never configured a proxy with nginx but it should be possible, yes


Sent from my Nexus 9 using Tapatalk

Thanks, let me see how do I get nginx up on the router...

ONE DDNS, but few subdomains (third-level or fourth-level domains).

www-access - I mean access from outside.

Ah I see, that makes sense now, thanks!

 

[darkarn]

Hmm. I am using reverse proxy using nginx based on this guide: http://goran.tornqvist.ws/nginx-reverse-proxy-on-asus-merlin/

Now I am a little unsure why all my addresses ("abc.ddns.net" and "def.ddns.net") will direct me to the default nginx page; I have already placed an entry for "def.ddns.net" to another computer on my network while "abc.ddns.net" is pointing to the router and therefore should be the only address that will give me that default page.

Note that my DDNS provider (No-IP) does not allow me to use third-level domains; i.e. just "abc.ddns.net" and "def.ddns.net", not "abc.def.ddns.net"

PS: I understand that Dynu is a DDNS provider that allow these third-level domains but it is not supported in Asus/Merlin FW unless I write a custom script for it (of which I am still finding the guide for)

 

[darkarn]

Ok, my addresses are pointing to the right hosts now, I need to find a way to either update them to the right IP addresses accordingly since I can update only one address at a time, or find a way to switch over to Dynu.

More importantly, I am unable to access these hosts from WAN; I can access them only from LAN which is not my main purpose. Is this related to firewall settings?

 

[darkarn]

Seems to me it is due to firewall settings; I switched off the firewall briefly in the Firewall section under Advanced Settings and it works!

Now, how do I get all these to work despite having the Firewall on? I do not want to create other security risks by switching the Firewall off

 

[darkarn]

No one still able to help on this?

 

[sfx2000]

So, what I will like to do is this instead:

abc.ddns.net => Computer 1
def.ddns.net => Computer 2

Wrong solution for the problem...

Work with your DDNS vendor to update their records, and define hosts...

 

[darkarn]

Wrong solution for the problem...

Work with your DDNS vendor to update their records, and define hosts...

Hmm, but the external IPs for both computers are the same (since both go to the same router, and then to the same Internet service e.t.c.) and one of them is on Linux, which does not have the appropriate DDNS update client available.

 

[sfx2000]

map them out to different ports... and update your A, CNAME, and ALIAS records at the DDNS provider - they can walk you thru it.

host1 port 80 ------> your IP port 8080 ----> ddns ------> example.com
host2 port 80 ------> your IP port 8081 ----> ddns ------> example.net