Understanding subdomains from LAN and WAN

I have a Mac Mini server whose IP is tracked by a dyndns account.

With some port forwarding from an Airport Extreme Base station, I can easily access mydomain.dyndns.org from anywhere outside my LAN.

Now, I would like to be able to access other stuff from my LAN directly from anywhere else, using a browser. For example, a Windows server running at the same time another web server on port 80 but also a bit torrent web interface on port 9091. The only problem is that I would like these to be accessible from normal http (from the outside world, at least).

Like mywindowswebpage.mydomain.dyndns.org and mybittorrent.mydomain.dyndns.org

I believe what I need is virtual hosting, by editing the httpd.conf file on the server that resolves the main domain (which is the mac mini). However, in order to allow the subdomains to resolve to my IP address, I know I also need more than just that.

One option would be getting a pro account at dyndns to allow wildcards.

My questions are:

Using my Mac Mini Server, can I set up my own DNS server so that when users from the outside world type mysubdomain.mydomain.dyndns.org it would query my own DNS and route the requests to the correct machine (or indeed I'll have to pay a registrar that accepts wildcards, otherwise my subdomains will never ping)?
How do I set up my virtual hosts on httpd.conf so that mysubdomain.mydomian.dyndns.org resolves to my Windows web server (on port 80) and mybittorrent.mydomain.dyndns.org resolves to the same machine, but whose web interface is on port 9091?
Is there any setup needed on these services (any conf files to modify on the bit torrent web interface, for example) in order to allow these things to run??

I am running Lion with Lion Server and my IP is dynamic.

gaudi_br

Posted 2011-12-12T07:59:08.257

Reputation: 91

In general this will not work. Clients usually establish a connection using the resolved IP address. Since all of your intended domains will resolve to the same address, it will not make a difference. Virtual hosts are a lucky exception. – artistoex – 2011-12-12T10:52:42.393

Answers

In answer to my own question, I believe I've found the way to do it.

I will still need a DNS solution that routes all subdomains to my single IP address, so apparently I can't work around having a pro dyndns account.

As per getting all these different requests to route correctly within my internal network, I found a few hints towards reverse proxy being the solution.

The reverse proxy entry on wikipedia confirms that belief.

I'll start working towards finding a good, easy to use solution and putting into place.

Thanks for your efforts and your help. I'll probably start a reverse proxy thread pretty soon if I need more help.

gaudi_br

Posted 2011-12-12T07:59:08.257

Reputation: 91

A good way to provide access to a service on another computer is to use port-forwarding on your router. You'll have to use a different port number (e.g. 81) for the HTTP service if you already have port 80 forwarded to your Mac mini.

Otherwise you'd have to run some kind of transparent proxy server on the Mac mini.

Getting dyndns to delegate a subdomain to DNS service on your Mac mini wouldn't help. It would have to resolve to your external IP-address anyway, the same one as all the other computers on your LAN - This is what Network Address Translation (NAT) in your router does. You'd normally only have multiple IP_addresses available if you have arranged for multiple fixed IP-addresses with your ISP.

What you could do is arrange for the Mac Mini to issue a Redirect HTTP response for the other domain so that requests to http://mybittorrent.mydomain.dyndns.org on port 80 get redirected to http://mydomain.dyndns.org:81. You'd have to arrange for dyndns to point mybittorrent.mydomain.dyndns.org at your dynamic IP-address. I don't know if dyndns provide this sort of service.

I'd start by forwarding port 81 to the Windows server.

RedGrittyBrick

Posted 2011-12-12T07:59:08.257

Reputation: 70 632

Thank you for the reply. I have previously done port forwarding on the router to different services in my local network, but in the present case, this is not an option. The reason is that I really want to be able to access these services as I would a normal webpage, so that I don't get blocked by proxy servers (not my own, of course). Unfortunately, the only way to host different sites on my network through a single dynamic IP is to have them on different ports, which is why I brought up the virtual host idea. I read somewhere that apache's virtual host allows redirection to different ports. – gaudi_br – 2011-12-12T11:27:35.570

To sum it up, I do with to host everything on the same external address, which in my case (to make things worse) is dynamic. However, when a user types http://mybittorrent.mydomain.dyndns.org/, he should reach what my server specifies within the LAN. I'm quite convinced this is possible, but i need the How...

– gaudi_br – 2011-12-12T11:32:44.197

#@gaudi_br: How will your router know which computer it should send the HTTP request to? All it knows is the target IP-address (the router's single external dynamic IP-address) and a port number. As an IP-router it can't see or act upon the HTTP Host: header. – RedGrittyBrick – 2011-12-12T15:19:20.620

#@RedGrittyBrick Well, that's where I thought either the reverse proxy or the virtual host solution would come into place... – gaudi_br – 2011-12-12T21:54:44.400

It's possible to have your own DNS server on dynamic IP but I wouldn't recommend it. If you really want subdomains (see (2) - maybe you don't actually need them) you better use dynamic DNS provider that allows subdomains, try the biased list, for instance EntryDNS probably would do for you.
To have some services on different computers / ports, simpliest is to setup port forwarding for those ports too in your router, and you access it yourdomain.dynds.org:9091. This way actually you don't need additional hostnames - you can forward any port to any PC and it's all accessible from outside via the same IP and same hostname.
Probably no - as far as service concerned, it just listens locally on it's port, no matter how requests come there.

Hope that answers, if not you are welcome to comment.

Alex

Posted 2011-12-12T07:59:08.257

Reputation: 557