Strange DDNS resolving issue.

[_Grid21]

I have a strange networking issue I don't know how to solve right now. Allow me to try to explain.

 

I recently got a new Asus RT-AX86U Pro Router, and a new Netgear Modem. I have some services that a Jetson Nano and a Raspberry Pi run for me.

 

On the Jetson Nano I run a Minecraft server and WireGuard VPN

 

On the Raspberry Pi I run Kuma UpTime which is basically an "downdector" Docker Container that custom checks IP address I go to regulararlly. 

 

Now here is where the issue starts, I'll take this 1 IoT Device at a time. So let's start with the Jetson Nano. WireGuard VPN is port forwarded and works as expected on a remote laptop and Android phone using a custom DDNS address provided by No-IP. I can connect to my VPN easily no issue. However, when I go to use this same address for my Minecraft Server on a different port, I get an error message that reads "Failed to Connect to the server. Connection timed out: getsockopt". However, I am able to get to the server if I use my public IP address and the set port number, my minecraft client can connect to the server.

 

Now for the Raspberry Pi. I have a Kuma UpTime webpage I run and a custom port address for the website. However, when I go to my custom address from No-IP with the Port number, it too says it's unreachable.

 

This is where I am confused. My WireGuard VPN works just fine with the custom address and port number no issue. But for some reason, my No-IP Address doesn't appear to be resolving for the other 2 services I run. The ports are open, and when I do a port check on one of those websites, granted it only sees my real IP, it says the ports a visualable. I even had my custom DDNS No-IP Setup in the Asus Router, but again, I am still not able to connect to the services outside my network. I feel like this has to be some weird DNS resolving issue, but I can't prove it right now, and the DNS Server my router uses is Quad9, although, I did try my ISP DNS servers and it still didn't seem to resolve the connection.

 

What do you suggest I try? What kind of error am I experiencing really here? Please let me to understand so I can get these services back out public facing. And yes, these 3 custom ports are indeed port forwarded to their respected IoT boxes. 

 

 

[StDragon]

There is no ports to specify in a hostname record. For example, you will have example.ddns.net
To specify a port in a URL for port 8000 (again, just an example), that would be example.ddns.net:8000. But from the DNS record, it still the same example "'A' record" hosted at ddns.net

 

So if you can specify the port number in the client, all you need is the same host name. I run multiple services from home using just one ddns.net hostname, but obviously hosted on different ports.

[_Grid21]

4 hours ago, StDragon said:

There is no ports to specify in a hostname record. For example, you will have example.ddns.net
To specify a port in a URL for port 8000 (again, just an example), that would be example.ddns.net:8000. But from the DNS record, it still the same example "'A' record" hosted at ddns.net

 

So if you can specify the port number in the client, all you need is the same host name. I run multiple services from home using just one ddns.net hostname, but obviously hosted on different ports.

That's what I had been doing, was typing the address in the client software, and then adding the port at the end. example.com:<port number> so I am already doing that, but it's connecting regardless of me doing that.

 

Also if what you are saying is true, then explain why I said above my WireGuard works just fine with a custom port and address, but NOT my other services, that's what I don't understand even though I am doing essentially the same process. 

 

[LAwLz]

My guess is that there is more to your setup than you haven't explained (like a reverse proxy) and the issue is in that config. 

 

DNS (and DDNS) is very dumb. It just replaces your address. If it works when you type the IP and port number but not when you so the DNS-name and port number (make sure the domain name resolves to the correct IP) then it's related to something in the application layer. 

[_Grid21]

9 hours ago, LAwLz said:

My guess is that there is more to your setup than you haven't explained (like a reverse proxy) and the issue is in that config. 

 

DNS (and DDNS) is very dumb. It just replaces your address. If it works when you type the IP and port number but not when you so the DNS-name and port number (make sure the domain name resolves to the correct IP) then it's related to something in the application layer. 

yeah I don't understand why WireGuard VPN works for my friends and I, but Minecraft Server and a public facing website that uses the same DDNS and a different port number won't work. I'll try emailing No-IP and see if they can offer a solution. My setup isn't too complicated, I am running the minecraft server off a Docker Container, which had worked just fine with my R6400v2 Router, but the Asus RT-ZX86U Pro is acting a little differently for some reason.

[LAwLz]

58 minutes ago, _Grid21 said:

yeah I don't understand why WireGuard VPN works for my friends and I, but Minecraft Server and a public facing website that uses the same DDNS and a different port number won't work. I'll try emailing No-IP and see if they can offer a solution. My setup isn't too complicated, I am running the minecraft server off a Docker Container, which had worked just fine with my R6400v2 Router, but the Asus RT-ZX86U Pro is acting a little differently for some reason.

Have you verified that you get the correct IP when doing a dns lookup for the domain? 

If you get the correct IP then there is nothing no-IP can do. Their service works as expected. 

 

Again, I suspect that the issue is related to docker or some load balancer you might have configured.

If it works when you use the IP but not when you use the domain name, and the domain name resolves to the correct IP, then there has to be something like nginx or traefik that relies on the domain name in order to forward traffic. 

[_Grid21]

On 6/28/2024 at 4:15 AM, LAwLz said:

Have you verified that you get the correct IP when doing a dns lookup for the domain? 

If you get the correct IP then there is nothing no-IP can do. Their service works as expected. 

 

Again, I suspect that the issue is related to docker or some load balancer you might have configured.

If it works when you use the IP but not when you use the domain name, and the domain name resolves to the correct IP, then there has to be something like nginx or traefik that relies on the domain name in order to forward traffic. 

Actually recently, one of my friends tested my DDNS with the assigned port and said they were able to get to the address of the Minecraft server and public facing website. So I guess it solved itself some how. 

[LIGISTX]

3 hours ago, _Grid21 said:

Actually recently, one of my friends tested my DDNS with the assigned port and said they were able to get to the address of the Minecraft server and public facing website. So I guess it solved itself some how. 

I wouldn’t have anything exposed to the internet that doesn’t need to be. Uptime kuma shouldn’t be exposed for example… if you need to see status of things, VPN in and check uptime kuma from within the LAN.