Solved

SBG8300 Port Forwarding FQDN on LAN

  • 12 April 2023
  • 7 replies
  • 279 views

Badge

Port forwarding works from Internet to my server, eg: https://SnellsNotebook.us properly produces a web page to an internet user.  However attempting to connect to the server using its FQDN (SnellsNotebook.us)  from device connected to the LAN (wired or wireless makes no difference) results in accessing the router’s login web page.  This behavior is unique in my experience, as all of the routers I have had previously would resolve the FQDN the same regardless of whether the request came from WAN or LAN.

Static address for my web server srv1.local is 192.168.0.10

I have forwarded ports 80 and 443 to 192.168.0.10

Port Triggering is off.  RIP is off.  DMZ is off. Symptom remains if 192.168.0.10 is in the DMZ. ALG has all options checked.  No devices are bridged.

I have seen references that claim routing to the FQDN from with the LAN are not supposed to work.  If that is the case for the ARRIS SBG8300 can anyone recommend a cable modem/router that will perform the way I want it to?

icon

Best answer by SURFboard Support 10 May 2023, 23:47

View original

This topic has been closed for comments

7 replies

Userlevel 2
Badge +9

Did you try to set up a dynamic DNS? go to 192.168.0.1 and then go to Advanced and select dynamic DNS enter the info there and see if that works, if you do not have any results maybe you will need to set up some advanced settings 

Badge

I have no-ip dns services.  My FQDN is working from the Internet into my web server which is a computer on my LAN.  The problem is that I can not use the FQDN from within the LAN to access the web server.

As a temporary fix I added a route in host files on those devices which support host files (phone and iPads and the router do not).  

As far as I can tell the only workable solution will be to install a DNS server within the LAN and point the Surfboard DNS to that server.

There is a DNS server within the Surfboard - but it is not documented as being accessible via ssh or http.  Or rather I have not found a way to do so … anyone have any insights please?

 

Badge

Sorry, I didn’t address your suggestion directly.

Surfboard Dynamic DNS is only available for three services

DynDns.org, Changeip.com, and Freedns.afraid.org.

I use no-ip.  I sure would be nice if the Dynamic DNS configuration in the Surfboard would allow setting parameters for an arbitrary Dynamic DNS service.

 

 

I have run into the same problem where I cannot access my FQDN from within the LAN to access a local web server but it works from the WAN (i.e. testing from my phone with wi-fi turned off to it’s using the mobile network). I have forwarded ports 80 and 443 to an internal IP on my network. Port Triggering is off.  RIP is off.  DMZ is off. I also tested with DMZ on. ALG has all options checked.  No devices are bridged.

I tried setting up Dynamic DNS, waited one hour (just in case because typical TTL is 3600 and *might* have been a factor), and it still does not work.

@TechRep I’d love to hear any additional suggestions if you have any! 

@JSnell I checked out dnsmasq and it seems reasonably easy to setup, and I’m trying to think of any gotchas I might run into before actually trying it out though. If you do end up installing a DNS server within the LAN and pointing the Surfboard DNS to that server, I would love to hear more detail about that if you have time to share. I admit I don’t totally understand (yet) how to assign a local IP within the LAN to the local DNS server while (ideally) still using DHCP for everything else—if that’s even possible. Maybe no DHCP is the down side of setting up a local DNS server? Thank you for posting your question btw—it helped me!

Badge

Designsimply, thanks for the reply.

DHCP simply configures your devices LAN settings by recognizing the MAC Address of the Ethernet adapter.  One of those LAN settings is what addresses to use for primary and secondary DNS servers.  By configuring the Surfboard to point the primary DHCP assigned DNS to a local DNS server you get the ability to control how FQDN’s are handled when the source address is on your LAN.  Over time the LAN DNS Server will learn all of the routes used to resolve every FQDN requested by every computer on your lan that is configured to use it.  In the event your DNS server does not know the route, it looks ‘upstream’ to another DNS server, until it reaches the ‘authoritative server’ for the Domain ex: com, gov, us, edu, etcetera. Exactly the same way your service providers DNS works - your DNS server is downstream from your providers DNS and provides routes to FQDN’s for only (and all) devices inside your LAN to reach both inside and outside servers.

I don’t have the Surfboard menu in front where I can see it right now, but look through the configuration until you  find where the LAN DNS settings are configured - this will be where you add the address of your DNS server.

I’ve been looking into the least expensive way to set up such a DNS server, and think that it may be by using a Raspberry Pi running Linux that supports dnsmasq … google “raspberry pi dns server”. The trick at this moment is to acquire a suitable Pi at a reasonable price (or at all!).

Of course if you have any old computer laying around that can run any version of Linux, then all you have to do is configure and run the DNS server that is probably already available on that machine.


If you have any questions please don’t hesitate to ask!

Userlevel 3
Badge +13

Hello @JSnell 

 

The feature you described known as “NAT Loopback” and it is not available in our SURFboard products.  If you like, you can create an Idea post to consider your feature for future release.  Reference this link to learn more about it.  Create an Idea

 

Userlevel 3
Badge +13

 

Thank you @jcrokicki for submitting an Idea for NAT Loopback feature.  Please vote if you’re interested in seeing the feature added in the future.