Hi

Currently I’m running a few servers at my home and I own a domain. I’d like to access those servers from outside my network (right now that happens through a VPN) but I don’t know anything about A records and MX records and as I understand, that’s what’s needed to do this. So would there be a tutorial that explains this like I’m 5 years old?

  • liblame@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    So an a record is nothing more than a name you connect with an ip address. Your computer takes that name and asks your dns server (in your case hour pi-hole) who that is. Your dns then looks it up and tells your pc that this address is the ip 157.22.4.67 (just made that up and don’t know what’s there). So then your pc connects to that ip.
    PCs can’t really work with names and need ip address to reach anything over the internet.
    It’s like your home address so that the post office can deliver to you. That means every device that is reachable over the internet needs a unique ip address. Like how your home address that needs to be unique too.

    But now comes the more complex part. There is a device that sits between your local network and the internet. Like the door on you house.

    Because ip addresses are limited they declared that there should be private ip ranges that won’t be able to be used on the wider internet, and these are 192.168.x.x, 10.x.x.x and I forgot the third range.
    These ip ranges are only usable on your network.
    They are like little postal addresses that only the people living in your house know and can go there. The postman delivers to your house address and you take that letter and give it to the recipient that maybe lives in a room in your cellar. Your postman doesn’t know but you do. In that case you are the router your provider gave you. That router uses something called a NAT (network address translation) to deliver the package to the device that asked for it. Because most connections are going out from your network to the internet it’s mostly plug and play.

    So what you can do is go to your domain provider and change the A record to the external ip address that your router is using but be warned there a countries where the provider changes your ip address with every reconnect (mine does).

    And here is the tricky part. Your router needs to know to whom he has to deliver and you can tell him that with port forwarding. That means that if you try to connect with a browser to your external ip address it goes to port 80 if you use http:// or 443 if you are using https:// and your router needs to know to whom these connections go and that should be your server.

    And now comes the harder part. You have to have a web server on your home server that uses port 80 or 443 to accept these packages and shows you your sites that you want to reach. I don’t remember much from configuring nginx/apache to help you there but the rest should be searchable.

    TL;DR: A records are like postal addresses that say behind that name is that ip address so that a computer can go there.

  • nitrolife@rekabu.ru
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    On DNS you need A record if you have ipv4 only or A and AAAA records if you have ipv4 and ipv6.

    You DNS outside you home servers? If you have dynamic IP at home you can’t host DNS on home server.

    You have only 1 IP? You need port forwarding on you home gateway to home servers if you use somerhing like SSH. If you want access to something web based you need proxy. NGINX for example.

    How it exactly work:

    • Somewhere someone write youdomain.com in browser.
    • Browser ask local dns: who is youdomain.com
    • local dns ask another dns, and another and in one iteration request go to you dns. Or maybe some of dns have cached answer. But imagine that not.
    • You dns send answer youdomain.com is 111.222.333.444 for example. That is A record.
    • DNS work stop on that.
    • Browser send request to 111.222.333.444 with HTTP header “Host: youdomain.com” and some path. / or /something maybe.
    • Some balancer should get request and send in to right server in you home network.

    UPD: don’t show to internet something risky interfaces. Proxmox web panel or something like that. This is a real bad idea. For that type of services VPN extremely greatest. Send you DNS to public without protection not a great idea too. Including pihole. I think you will get into some botnet already on the 3rd day of work.

  • ZenGrammy@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Hi there. We hope you’re enjoying NSQ. Will you please edit your post title so that it contains a question? It’s rule 1 in the sidebar. Thanks for posting!

  • magmaus3@szmer.info
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    A (and AAAA) records store your IP address, while MX record stores a domain for email servers to use.

      • runaway@lemmy.sdf.org
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        What I’d personally recommend is Cloudflare Tunnels, it allows you to lock down access to your services with an emailed code or other authentication method, as well as avoiding having ports forwarded to your services. It’s an easy way to avoid port forwarding and not have to worry about whether all the services you’re hosting are 100% secure, since you’ll be exposing them to the internet.

        The downside is you’re routing all your traffic through Cloudflare.

        • TheOldRepublic@lemmy.worldOP
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          I discovered this one too. Don’t care about the downside as long as it works and is easy a ough to do…And it is, worked right out of the box. The only problem I have now is that my website (hosted on the servers of a domain provider) is not accessible anymore. Tried to redirect to the correct ip, but it’s not working. I have an nginx server too but for some reason that ip is also unavailable, while the one from my jellyfin (which is on the same proxmox) is 🤔