Using DDNS with custom domain and LXC container


I would like to point my custom domain to LXC container running on Omnia which is connected to another router accessing the internet. I’m not sure how to configure “Dynamic DNS” to obtain public IP, because my WAN IP is local IP assigned to Omnia by another router.

I suppose I need to set “Hostnames” and some “Firewall” rules as well, right?

Could you please explain the required steps to me? Thank you.

If you do not have a public IP (fixed or floating) or do not have port forwarding enabled by the ISP, then it will not work for you. DDNS is used for domain name changes of public IP (sometimes for free domain reasons).

Here you will find out your public IP: https://www.mojeip.cz/ and if you do not get from the IP to the device, then the domain will not help.

To obtain a public IP, contact your ISP.

If your uplink router has a public IP you need to have a port forward from your uplink router to your TO and then from your TO to your LXC Container. If your TO is the only network client of your uplink router you can set your TO as a DMZ client, so that all traffic gets forwarded to it (so no need for additional port forwards on your uplink router). Make sure your TO has a static IP so that port forwards/DMZ always points to correct ip.

In DDNS settings (advanced settings -> IP source address) you can define how the DDNS script should obtain the public IP. Select URL and use e.g. http://checkip.dyndns.com, so that the script uses your outbound IP (which should be your public IP).

EDIT:

If you want to access your LXC container from inside your LAN with the same URL as from the outside, you can add a static address record for it with its local IP address as described here: https://doc.turris.cz/doc/en/public/dns_knot_misc

That would be the next step. First, it must gain access from the public IP and if it is behind NAT (it has a local IP on the WAN) then there will be a problem.

Yes, you’re right, this is required.

But if he is in control of his upstream router (which I assumed) he can set up port forwarding on both routers, which should work, even if it’s a double-NAT setup.

@RomanHK I have public IP (floating) and I want to detect potential IP changes using DDNS. I’m not behind NAT and I have full control of both routers.

@protree Thank you for the tip with http://checkip.dyndns.com/ URL.

I still don’t understand how can I route it to LXC container. Do I have to set anything in Network>Hostnames or Network>Firewall or elsewhere? Traceroute shows request is forwarded to TO:
1 * 192.168.1.1 (192.168.1.1) 1.839 ms 1.491 ms
2 192.168.0.1 (192.168.0.1) 1.953 ms 1.305 ms 1.820 ms
3 * * *

Btw what is your preferred DDNS service?

Okay, for DDNS to work, you must first register and get a DNS name (for example: https://dyn.com/dns/ or somewhere else - choose from DDNS plugin)

P.S. I use a classic registered domain, so I don’t address DDNS.

@RomanHK ok, I have the domain pointing to my public IP. What’s next? How can I forward it to LXC container? I tried Firewall - Port Forwards but couldn’t get it working. Thanks.

You need to set up a port forward on your Upstream router from your Upstream Router to the IP and port of your TO of the port forward you set up on your TO, too

EDIT:

<public ip>:<public port> -> Upstream Router -> Port forward from <public ip>:<public port> to <TO ip>:<TO port> -> TO -> Port forward from <TO ip>:<TO port> to <LXC ip>:<LXC port> -> LXC container

The next steps are written by @protree, I agree, you can use DMZ - if the router supports it.
I recommend to set static IP to Omnia on WAN port.

I still don’t understand how I can open e.g. port 8888 and forward it to my container’s port 80.

  1. in the first router perform port forwarding from WAN (public IP) from port: 8888 -> on LAN (IP WAN Omnia 192.168.0.2) to port: 8888

  2. in Omnia router perform port forwarding from WAN (192.168.0.2) from port: 8888 -> on LAN (IP LXC machine 192.168.1.195) to port 80

First, make port forwarding and then DDNS operational. These are two different things.
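
Added example, not part of the original thread: step 2 of the procedure above written as a port-forward entry in the Omnia's `/etc/config/firewall` (UCI syntax). The rule name is made up and the `wan`/`lan` zone names are the OpenWrt defaults, assumed here; the addresses and ports are the ones used in the thread.

```uci
# /etc/config/firewall on the Omnia (constructed example)
# Forwards TCP traffic arriving on the WAN side (192.168.0.2) at port 8888
# to the LXC container at 192.168.1.195, port 80.
config redirect
	option name 'lxc-http'          # hypothetical label, any name works
	option target 'DNAT'
	option src 'wan'                # zone the connection comes in on (assumed default name)
	option proto 'tcp'              # forward only TCP, not UDP
	option src_dport '8888'         # port opened on the Omnia's WAN address
	option dest 'lan'               # zone the container lives in (assumed default name)
	option dest_ip '192.168.1.195'  # LXC container
	option dest_port '80'           # service port inside the container

# The OpenWrt firewall accepts traffic that matches a DNAT redirect,
# so no extra 'config rule' opening port 8888 is needed for this forward.
```

Reload with `/etc/init.d/firewall restart`. Step 1 on the first router still has to forward public port 8888 to 192.168.0.2:8888, otherwise nothing reaches this rule.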

@RomanHK don’t I have to allow the port in firewall first? Will forwarding do that for me?

Can I forward 192.168.1.1:8080 (TO) to 192.168.1.195:80 (LXC machine) as well?

Yes. Practically with both routers. I’ll make screenshots…

Omnia:

First router:

I don’t know how you have IP addresses but suppose:

first Router = WAN public IP, LAN 192.168.0.1/24
second router (Omnia) = WAN 192.168.0.2, LAN 192.168.1.1/24
LXC machine: 192.168.1.195

What about this…

TO = WAN 192.168.0.2, LAN 192.168.1.1
LXC machine: 192.168.1.195

When I open 192.168.1.1:8080 I want to see 192.168.1.195:80, but I can’t get it working either. Thanks.

You’re doing it wrong. The correct address must always be WAN IP (http://192.168.0.2:8080).

Is schema right?

@RomanHK yes, that’s right, thanks.

The problem is, I have this shitty router “UBEE UVW3226” from UPC and I have no idea how to properly forward ports or use it as DMZ client because there is no such option.

Manual CZ:

Page 41 - “Port Forwarding”

Page 46 - “DMZ” = Adresa IP: 192.168.0.2

I know, but my router doesn’t have such settings. Probably different software version or something. I have to get through their support which is a real challenge :).