Accessing a server from its LAN and the outside with the same domain

2

Situation

I have a server on my LAN running a LAMP server. I use it for TeamSpeak, Nextcloud, personal webhosting etc.

I own a domain "through" Cloudflare, redirecting to my public IP address.

I access the server from the LAN and the outside.

My issue / what I want to change

Due to my server being on my LAN, it has the same public IP address as my client (only when I am at home, obviously). Therefore I can't access my server, because pinging my own public IP doesn't work (normal behavior, I guess).

So to overcome this problem I use my hosts file to redirect my domain to my server's local IP address. But every time I change position (nearly every day) I have to edit this file.

And this also works only on the few devices I can edit this file on. So on my phone (Android), for example, I can't access my websites or anything domain-specific.

Is there any way to overcome this issue?

I actually have some ideas

  • finding some way so that my public IP address is "pingable" from my LAN
  • setting up a local DNS server
  • different DNS zone files depending on the requesting IP address, if that is even possible (maybe Cloudflare offers this feature). (If the requesting IP address is the same one the domain redirects to, it answers with my local IP for the server.)

edit (17.03.17)

I forgot to mention that I also want to use this server for mail in the future. So it has to be prepared for that.

I have now installed a DNS server on it which resolves my domain into the local IP address of the server (using bind9; also for reverse). This works perfectly fine, but for that I had to manually set my DNS servers (the ones my computer is requesting), resulting in slower loading times (of other websites). But this is also not the perfect solution, because then someone like friends of mine can't access the server due to them not having my own DNS server in their list. Would changing the default DNS servers of my router solve this problem?

Unfortunately I have a dynamic public IP address; it changes about every three weeks. Until now I have changed my DNS entry manually, but that has to change (that's why I switched to Cloudflare, they offer an API for that).

To access my server from the outside at all I had to redirect/forward some ports to it. Here is a screenshot of them:


Iuppiter Zeus

Posted 2017-03-12T02:27:04.207

Reputation: 29

1 You need to enable hairpin NAT on your router. – EEAA – 2017-03-12T02:56:36.943

Per EEAA's comment, a link to the Wikipedia hairpinning article. – moonpoint – 2017-03-12T03:08:02.743

Thanks for your answers. I googled a bit about hairpin / NAT and I found out that my router (Speedport W 724V Typ A) doesn't support it. But that would have been the ideal way :/ – Iuppiter Zeus – 2017-03-12T21:35:41.860

Answers

0

The answer depends on your utility. If you only use HTTP to communicate with the server on your internal LAN (by public name), then you can change the behavior based upon the port. You could also issue a redirect from your local LAMP based upon the source IP address, for instance (e.g. if it has the source address as the external gateway, then it could redirect the request to the internal IP address). That wouldn't get you the name mapping though.

Even that stated, it sounds like there's a misconfiguration in the port forwarding in the router. Not talking about hairpinning, which my routers also do not support, but I use port forwarding and can connect to internal servers from inside or outside our LAN by routing through the external domain/interface. E.g. I have a home.domain.com DNS entry which points to the router's WAN interface. Whether I'm inside or out, requests to home.domain.com go to the WAN interface, then get port-forwarded back through to the correct destination server. That is still indirect in some ways, but it works, so it should work for you too.

It also is a question of how many other servers provide the port/service inside your LAN. Is it only the one?

Finally, I do consider this problem from time to time too, since I want a hostname policy that is dependent upon the network I'm connected to as well. Maybe an easy option is to { (a) write a scheduler script (if you're on Windows) or (b) add a script to ifup/ifcfg } that pings the specific Linux host or other known assets inside the LAN and then sets the hosts value based on it. It isn't as elegant as running your own DNS server with its own internal rules (which, btw, may be just as easy to deal with, since the DHCP can provide the internal LAN DNS server).

Perhaps it isn't working for you because you are using IP redirection for your domain name, rather than dynamic DNS? For instance, our public IP is dynamic, so I have my internal servers periodically update my dnsmadeeasy sub/domain with the outside/public facing IP address. Then hostname lookup goes straight to the right IP address, it isn't redirected there.

Beracah

Posted 2017-03-12T02:27:04.207

Reputation: 169

There is only one server on the LAN. It has a static IP address, all the other computers don't. Here is a screenshot of the port forwarding: https://pl.vc/1b0p73 – Iuppiter Zeus – 2017-03-17T20:57:02.263

0

I'm sorry it took me so long to finally write this final answer.

(already mentioned in the edit of the question)
The perfect way would be having a router which supports hairpin/NAT. But mine doesn't. That's why I've decided to use a DNS server. I only had to change the default DNS servers on my computers and phone and so on (which btw is possible on every common operating system). This resulted in slightly but noticeably (at least I believe so) slower loading times. But it is no big issue.

But the next one (other people not being able to access the server when in my LAN due to them not having my DNS server in their list) was a bigger issue and therefore I decided to leave it there. The only way I assume exists is changing the default DNS servers in my router. But to do that I would have to modify the whole setup, but there are known ways to do so.

About the issue with my changing IP address:
I wrote myself a small script that looks like every five seconds whether I have a new IP address, and if that's the case it automatically changes it via the above-mentioned Cloudflare API. If anyone needs it and is too lazy to write it himself I can publish it.

Thanks @Beracah for your answer :)

Iuppiter Zeus

Posted 2017-03-12T02:27:04.207

Reputation: 29
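
An added sketch of the kind of dynamic-DNS updater the answer above describes; it is not the poster's script. It uses Cloudflare's v4 `dns_records` endpoint with a bearer API token, treats the IP echo reply as untrusted input, and only sends an update when the address actually changed. The echo service URL, the environment variable names, the TTL and the 300-second interval are assumptions.

```python
import ipaddress
import json
import os
import time
import urllib.request

API = "https://api.cloudflare.com/client/v4"
IP_ECHO_URL = "https://api.ipify.org"  # assumption: any plain-text "what is my IP" service

def parse_public_ipv4(text):
    """Treat the echo service's reply as untrusted: accept only a global IPv4."""
    try:
        ip = ipaddress.ip_address(text.strip())
    except ValueError:
        return None  # HTML error page, empty body, garbage
    return str(ip) if ip.version == 4 and ip.is_global else None

def build_update(zone_id, record_id, name, ip, token):
    """Build the PUT request that points the A record `name` at `ip`."""
    # proxied=False keeps the record DNS-only, so non-HTTP services
    # (TeamSpeak, mail) resolve to the real address.
    body = {"type": "A", "name": name, "content": ip, "ttl": 300, "proxied": False}
    return urllib.request.Request(
        f"{API}/zones/{zone_id}/dns_records/{record_id}",
        data=json.dumps(body).encode(), method="PUT",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})

def sync(last_ip, echoed_text, send, **record):
    """Send an update only for a valid, changed address; return the IP on record."""
    ip = parse_public_ipv4(echoed_text)
    if ip is None or ip == last_ip:
        return last_ip  # nothing trustworthy or nothing new: no API call
    send(build_update(ip=ip, **record))  # if this raises, last_ip stays and we retry
    return ip

if __name__ == "__main__":
    # Token comes from the environment, never from the script; scope it to
    # DNS edit on the one zone. Variable names are assumptions.
    record = dict(zone_id=os.environ["CF_ZONE_ID"], record_id=os.environ["CF_RECORD_ID"],
                  name=os.environ["CF_RECORD_NAME"], token=os.environ["CF_API_TOKEN"])
    post = lambda req: urllib.request.urlopen(req, timeout=10).close()
    last = None
    while True:
        try:
            with urllib.request.urlopen(IP_ECHO_URL, timeout=10) as r:
                last = sync(last, r.read().decode("ascii", "replace"), post, **record)
        except OSError as exc:  # network or API error: keep running, retry next round
            print("update skipped:", exc)
        time.sleep(300)
```
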