How to Homelab: Considerations for adding a Domain to your Gear

You are one of those rare youtubers when you should give thumbs up even before the video starts. =-)

nkmicros

I’m in a masters degree for “CyberSecurity”. I have learned more from your tutorials about security best practices and hardware/software information. I’m currently following your low power build guide to build out my first home lab. I had trepidation on going beyond just using my current PC and VMware desktop, to purchasing dedicated hardware for servers but I have decided to take the leap. Thank you for the amazing content, it keeps me motivated to learn and expand my knowledge bank.

minibit

loved it. Explained it so simply that a simple Joe like me could understand it in the first go! Great job.

sdad

Fantastic. Great info and stated clearly. It's hard to find content like this which provides a deep enough dive without going too deep into the weeds and getting sidetracked.

MrMcp

This is me being "the internet" to tell you you're wrong. But not in a mean way. I think you do great work and appreciate much of your content, like your Ansible series. However, I believe it is worth clarifying your description of a typical residential network topology. In my experience, there is no DNS server in the "router" device in most residential networks. Instead, there is both a DHCP server and client. The client listens on the "WAN" side and is assigned an IP address and one or more DNS server addresses. Those DNS servers are typically operated by the Internet Service Provider. The residential gateway device (a.k.a. "router") merely "parrots" the DNS server addresses it was assigned by the ISP to the in-home devices when assigning them network configurations in response to DHCP requests from devices connecting to the LAN ports or via WLAN (home WiFi). So there is no DNS running on the "router" as you show in your diagram. DNS requests from in-home devices merely pass through the residential gateway / "router" like any other IP traffic. Maybe things are different with your provider? PfSense does run a DNS resolver, and that is why you can so easily create a FQDN for your internal LAN clients. Most of your residential viewers, however, likely would have to stand up their own DNS server and then modify their gateway device (router) configuration to serve that internal IP address as the Primary DNS Server address in its DHCP responses. Better, if they are going to stand up DNS inside their home LAN, they should probably also make that a DHCP server as well because (like with PfSense), it can be integrated with the DNS server to auto-generate DNS entries for local devices inside the home. Of course, it would be important for the DHCP server on the "router" device be disabled so that the two won't conflict. Fun, fun stuff!

Jay you nailed it! This is by far the best and simplest explanation that I could find. Thank you!

Tom_Azin

This is exactly what I have been searching for, thanks a lot :^)

Felix-vehs

@LearnLinuxTV Please do a follow-up video on building our own DNS server!

camerontgore

Thank you so much for this! All I needed was how to specify the key location. Could not figure it out. Your video made this clear.

innesleroux

I have just added my private domain to my router (Asus RT-N12+) settings and now I can ping my laptops using fully qualified domain names. Thanks :)

ArturBrandys

I use pihole for local hosts. I also have my own domain name, I use cloudflare to manage it for free, it also has a docker ddns app that keeps checking for IP change. I also use nginx Proxy manager to access all my apps with HTTPS

valterschmaltz

Question about your port forward rules at 27:00. Why is the Dest. Address "proxy_external_ip" instead of WAN address like the others?

samo

Samba, if you compile it from source, can host an Active Directory database, simulate a Domain Controller and can be managed with Windows tools (RSAT). I can't quite recall if there's a samba-ad-dc package available in Ubuntu. But you still have to do more work to integrate isc-dhcp and bind9 with Samba to get something that behaves like a Windows DC. SambaWiki has everything you need. If you don't need user and device management, the stuff in pfSense is enough to have a DNS domain name accepted externally and reverse proxies to internal servers. Just take care to secure all that stuff, it's the Wild West out there.

TiagoJoaoSilva

Can you maybe do another more in depth tutorial on how to set up virt-manager with bridged networking using the gnome tools? I wanted to switch from Virtualbox to kvm with virt-manager which I did succesfully, but I haven't been able to set it up so I can connect to VMs over the network with a vnc connection, or for example reach a website running on a VM. I am using Arch Linux with gnome and systemd networking, and want to have a VM on the same local IP space as my LAN hosts, so 192.168.1.{1..100}. (above 100 is dhcp). Maybe this can't be configured only with GUI tools (nm-connection-editor), but also needs some configuration file editing. It is definitely not as easy as Virtualbox unfortunately.

voiceoftreason

do you have a video that talks about https forwarding with proxy like do you leave it off on the actual server and only have the proxy server handle the HTTPs curts

jotdot

Hi Jay, consider video about bind9 configuration - subject is hard!

piotrpytkowski

A better way to configure this would be to have your local domain be something like mydomain.aaa and they have your computers be a.mydomain.aaa, b.mydomain.aaa, c.mydomain.aaa, etc. You *should* be able to set the local domain in your router to mydomain.aaa. Then, any requests for *.**mydomain.aaa** would be routed to your local router. If you have a hosts file configured on one of your local computers, it would have the mapping of names to IP addresses and your router could send all requests for **mydomain.aaa** to that local computer which could forward to the requested computer on your local network. I do not think this would be too difficult for most people to set up. It is possible that you *may* even be able to set the equivalent to a hosts file in your router.

Hybrid.Robotics

Hello Jay.
Thanks for the video. Good jog.
Do you mind to share witch pfsense appliance do you use/recommend for home users?
—
Alex

nationalibus

In my experience, most residential IP addresses are effectively static with them only changing if you make the ISP’s internal DHCP server think it is talking to a different device (change in MAC address, hostname, etc on your router).

samuelgodfreyhendrix

I personally use a domain controller on my Linux network, but I've operated for years without one - The main reason I use one now is automatic DNS population for systems on my network, without having to worry about systems with dynamic IP's and what not. I can of course just set everything up static and do it manually and I do know how to do this, but I find that having a DC just makes my life easier in this regard. I do use samba 4 as my domain controller. Do you have or know of any example of Linux/BSD specific alternatives that can achieve similar results? I'd be interested in know what is out there.

MarkParkTech