on 20-12-2021 03:20 PM
Hello
I've recently taken out business broadband with TalkTalk, and I was wondering if someone can help me understand some things.
I've got experience with DNS, port forwarding, etc., and I think I've got a good system in place.
So I've opened up ports 80/443 and 22 to a home server. This works externally (finally) but it doesn't work internally (when I'm connected to the same network).
I've tested this using my mobile's data and on WiFi and am certain this is the case.
I found this thread from two years ago, where Keith mentions about there being a loop and being blocked by TalkTalk.
Now that is fine, but I cannot access it from any devices connected to the network, without editing the hosts file (Windows).
This is a bit of a nightmare when I've got multiple machines, and I cannot edit "hosts" (i.e. mobile).
Sure, if internal I could use the internal IP, but if I'm working remotely, it requires changing things back and forth.
Is there a way to actually get this to work properly?
How would this work in a "proper" office structure (rather than just me with dozens of devices)?
((Although not urgent, a high priority is adding other servers. Currently I only have 1 public facing with the correct ports open, but how would I have multiple public facing servers, with ports 80/443 and 22 open?))
on 22-12-2021 03:10 PM
Yes it is.
I like the unit a lot.
I'm unsure as to if the ReadyNAS also has this option/application available.
If it does then this would seem like the simplest way forward.
If not then you're going to have to spin up something on which you can install a DNS server.
on 22-12-2021 02:52 PM
A Synology NAS? Is it an actual NAS server?
I ask because, alongside all the laptops, I am currently using a BioStar-based Ubuntu machine for Gitlab (which I'm about to retire), and I have a Netgear ReadyNAS and a Dell PowerEdge Hypervisor (I'm hoping to get Gitlab on this) to set up.
What would you recommend the best course of action is?
on 22-12-2021 02:41 PM
@Quin452 wrote: I do not have an internal DNS, but I've come across something called DNSmasq? I've got various machines lying around, so could I install Ubuntu on an old laptop and use that as an internal DNS server?
Would that resolve my issue?
Yes, this would resolve the issue.
I use a Synology NAS and have DNS enabled on that.
on 22-12-2021 01:36 PM
I do not have an internal DNS, but I've come across something called DNSmasq? I've got various machines lying around, so could I install Ubuntu on an old laptop and use that as an internal DNS server?
Would that resolve my issue?
Also, on a separate note which is something new to me since being on TT, my Gitlab Runners no longer work - I'm assuming it's the same loopback, as it times out when requesting the URL. I've yet to figure out how to change it to the internal IP (to test the theory).
on 21-12-2021 11:46 AM
Hi @Quin452
In @ColinK98's post he does mention NAT loopback, but it seems you already know about that in your opening post, where you reference one of my replies on this subject. If I can be of any help let me know, but we face one big problem with TalkTalk Business routers. They use a different firmware to the residential version of the same router. Therefore it makes it impossible for me to test the port forwarding within it.
Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
21-12-2021 10:02 AM - edited 21-12-2021 10:07 AM
The issue here is that the hostname of your internal server is being resolved to the external IP address of your router.
And this will work externally.
However, when you are internal to the network and you try to connect to the server, it resolves to the same external IP address of the router.
So you are trying to go from the inside out and then back in again.
This is often known as loopback or hairpin NAT; either your router supports it or it doesn't.
It sounds as if it doesn't.
So the task now is to make it so that when you are external you get the external IP.
When you are internal you get the internal IP.
So either you need to get a router that supports hairpin/loopback NAT
OR
you need to set up split DNS, which requires an internal DNS server as well as an external DNS provider.
For example...
My email server has the host name xxxxx.synology.me
externally this resolves to 92.20.xxx.xxx
This allows other servers to send me email and it allows for the family iPhone etc. to connect externally when they are out and about.
However, I run a DNS server internally, where the address for xxxx.synology.me resolves to 192.168.1.xxx
Which is the internal IP address of my server.
So when people are inside they get the inside address.
When they are external they get the external address.
Do you have an internal DNS server with which to do this?
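A dnsmasq configuration for the split DNS described in the post above, using the tool asked about elsewhere in this thread. This is an added example, not part of the original post; the hostname `server.example.com`, the DNS machine's address 192.168.1.2, the server address 192.168.1.50 and the upstream resolvers are placeholders to replace with your own.

```conf
# /etc/dnsmasq.d/split-dns.conf
# Constructed example: every name and address below is a placeholder.

# Answer only on loopback and the LAN address of the machine running
# dnsmasq, so the resolver is never reachable from other interfaces.
listen-address=127.0.0.1
listen-address=192.168.1.2
bind-interfaces

# Forward all other lookups to the upstream resolvers listed here
# instead of whatever /etc/resolv.conf contains.
no-resolv
server=1.1.1.1
server=9.9.9.9

# Never forward unqualified names or reverse lookups for private
# address ranges to the upstream resolvers.
domain-needed
bogus-priv

# The split-DNS override: inside the LAN the public hostname answers
# with the server's internal address. host-record matches this exact
# name only.
host-record=server.example.com,192.168.1.50

# Broader form, left commented out: address=/.../ also answers for
# every subdomain of the name, which is rarely wanted for one host.
#address=/server.example.com/192.168.1.50

# Reject upstream answers that point into private address space
# (DNS rebinding defence). Records configured locally, such as the
# host-record above, are not affected, so the override keeps working.
stop-dns-rebind
rebind-localhost-ok
```

LAN clients only see the internal answer if they use this machine as their DNS server, which normally means setting it as the DNS server handed out by DHCP. Devices configured for DNS over HTTPS or a "private DNS" provider bypass it and still receive the external address.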
20-12-2021 09:08 PM - edited 20-12-2021 09:16 PM
@Quin452 Are you talking web servers (to display web pages) here or something else?
IMO, for administering your servers remotely you'd probably be better off using something like RealVNC, TeamViewer, Windows Remote Desktop etc. particularly as you're considering administering multiple machines.
When you say "multiple public facing servers" are you talking individual machines or "virtual" servers on one machine?
However... web servers...
For multiple web servers, you would use "port redirection" at your DDNS provider. i.e. if your first domain name was quin452.ddns.net, you could add a port redirect of, say, 9282. Your DDNS provider would acquire your WAN IP, say, 75.87.123.95 and tag on the port redirect instruction. You'd set your router to redirect external port 9282 to internal port 80 of your server at, say, 192.168.1.50
| Domain name + port redirect | Changes to WAN IP + port redirect | Router port forwarding | Server |
| --- | --- | --- | --- |
| quin452.ddns.net + 9282 | 75.87.123.95:9282 | 9282<>80 | 192.168.1.50:80 |
If you added another machine you'd do similar, just with a different domain name and redirects (the WAN would be the same) i.e.
anyname.ddns.net + 7063 ----> 75.87.123.95:7063 ----> 7063<>80 ----> 192.168.1.217:80
You just have to set static IPs in your machines and reserve the IPs in the router.
Of course you could always change the web server binding port to something other than the default of 80, but if you've got multiple machines there's little point as each would have its own IP address. The port redirect and correct router port forwarding would ensure the appropriate server would always be contacted.
Exactly how you'd set up virtual web servers depends on the web server software.
I've written a help page, mainly as a reminder for myself, for setting up a Windows IIS Web Server, using the DG8041 hub and the DDNS provider Dynu.com where you can create a free, no nags, domain. It's at http://piethorne.dynu.net/help/iiswebserver/index.html Although you're using a different router, the basic principles are the same, even if you're using an Apache server under Linux. You may find Step 3 useful for explaining port redirects. (You can also have "web" redirects - but that's another story...)
on 20-12-2021 05:08 PM
Hi and welcome to the forum.
However, this forum is for TalkTalk residential customers and not TalkTalk Business. You should be talking to your dedicated help line.
It may be that someone here can offer help, but as there are fundamental differences between residential and business solutions, and software and hardware employed, customers who help others, and staff here will have no experience of the business side of TalkTalk.