
How did you solve the problem of getting a stable mapping from DNS name to IP address?

For me, that's the big challenge; all I have is home internet on a dynamic IP provided by one of the big cable monopolies in the US.



My ISP simply gives everyone a static IP by default.

I know of only one ISP in the Netherlands that uses CGNAT and there you can ask support to fix it, which takes them 24 hours. I learned that the hard way when wanting to have a gaming night, hosting a Factorio server in my student room. No gaming night for me, or so the ISP thought while rubbing their hands. It took me a bit but I eventually managed to proxy the UDP traffic somehow, not sure anymore if I used hole punching or somehow encapsulated it in TCP and reverse SSH tunneled or something. (Edit: on second thought, pretty sure I asked the other participants if they had IPv6 -- they did not -- and then proxied the traffic from my server via IPv6 using iptables. /edit)

We are quite fortunate with having had an early ISP community that managed to gobble up all the IP addresses we'd need for a good long while, and our population is relatively stable compared to other parts of the world. I know not everyone is this fortunate. (Hello ipv6...)

Even in a place like Germany, it seems one needs to be a business connection to get this service, it's simply not offered for consumers at all that I could find in some town in NRW. This is why I'm so happy the Netherlands has ISPs like Freedom (successor of XS4ALL) and Tweak who not only care about being cheap. Even if you don't use Tweak or Freedom, I feel like it keeps the local competition sharp.


You can use something like dynamic DNS updaters[0]. They run on the box and, when they detect that your ISP has changed your IP, will update the DNS records accordingly.

[0] https://github.com/timothymiller/cloudflare-ddns


Here are several things that you can do (from more to less affordable):

- Set up public IP updating. Your server runs a daemon that updates the DNS record automatically. You can do that with NameCheap. ($)

- You can pay 5$ to have a DigitalOcean droplet that acts as a reverse proxy that just forwards traffic to your real server. ($$)

- You can pay for "enterprise" service and get a static IP. ($$$)


One option would be to use Cloudflare Tunnel [1]

You would run a program on your system which connects to Cloudflare. The traffic goes to Cloudflare first, and then gets forwarded to your system.

[1] https://blog.cloudflare.com/tunnel-for-everyone/


I keep being amazed how the self-hosting community loves to recommend "just send all your traffic through cloudflare". It's the antithesis of self hosting.


Cloudflare Tunnel can be a step in the right direction. That said, I maintain a list of selfhosted alternatives here:

https://github.com/anderspitman/awesome-tunneling


Nice, thanks for the list! Do you have any recommendation how to tunnel from a VPS to my home server if I'm already using Tailscale? Just use any old reverse proxy like Nginx/Traefik/Caddy?


Yep, exactly. Just use the Tailscale IPs or domains in your reverse proxy config.


Caddy supports .ts.net domains and will pull the cert from the running Tailscale daemon on your system. And even better integration is coming soon, Tailscale is working on things.


Sounds great. I'm not in a rush, so maybe I'll just wait until Tailscale releases whatever they are working on.


I'd say that "self-hosting" is defined by where your processing and data reside, who controls these.

But if you want to be accessible to the outside world, you need to direct your traffic outside; I don't see a substantial difference between routing your traffic through Cloudflare, Comcast, Equinix, or any other major connectivity provider.


> I'd say that "self-hosting" is defined by where your processing and data reside, who controls these.

And I would mostly agree so long as you're the only one who has access to said data. There will always be "ISPs", of sorts, that your data needs to pass through; that's simply how the internet works.

The nitpick about Cloudflare is that they are starting to act as a gateway to the internet. Maybe you can turn their fronting off if they start giving you trouble, or maybe your registrar also runs behind Cloudflare. Anyway, bit of a philosophical discussion how much power to vest in one company.

The real trouble is that their main offering involves giving them the private keys to your traffic. I don't know if that's also the case with this Tunnel product, but at least for regular websites, then they process your actual data, as with the bank example (a colleague at said bank was not happy).


Cloudflare tunnel even lets me host a vanity website (potateaux.com) from a NAT'd LTE uplink using a regular phone hotspot. Game-changer, especially given the price!


I like ngrok


There are free dynamic dns services available. dns.he.net is one.

Try not to worry too much about what happens when your IP is reassigned before you can update the name.


You can rig up your own dynamic dns pretty easy. Most dns services have some simple api you can use so usually it’s just a curl line in your cron tab to run every minute.


Personally, I host my DNS with dyn.org, and use something like ddclient (which runs on my Linux firewall/router) to update my DNS records with Dyn in the rare event it changes. I've never had issues with it.


I have a cron that updates the DNS entries on Cloudflare with my current IP address. This runs every five minutes.


Mind sharing your script? Just want to compare :)


This is to update a record named jellyfin. It's a Python script.

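  import requests
  
  IP_API = 'https://api.ipify.org?format=json'
  # Fill these in before running (placeholders, not real values)
  CF_API_KEY = 'YOUR_CLOUDFLARE_API_KEY'  # Cloudflare API Key
  CF_EMAIL = 'YOUR_CLOUDFLARE_EMAIL'      # Cloudflare email address
  ZONE_ID = 'YOUR_ZONE_ID'                # Zone ID
  RECORD_ID = 'YOUR_RECORD_ID'            # Record ID for this DNS entry
  
  # Ask the IP echo service for the current public address
  resp = requests.get(IP_API, timeout=10)
  resp.raise_for_status()
  ip = resp.json()['ip']
  
  # Overwrite the A record with the current address
  resp = requests.put(
      'https://api.cloudflare.com/client/v4/zones/{}/dns_records/{}'.format(
          ZONE_ID, RECORD_ID),
      json={
          'type': 'A',
          'name': 'jellyfin',
          'content': ip,
          'proxied': False
      },
      headers={
          'X-Auth-Key': CF_API_KEY,
          'X-Auth-Email': CF_EMAIL
      },
      timeout=10)
  resp.raise_for_status()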


I have a cron job that updates my domain's records at digitalocean every hour via their API. But in practice my ISP only actually seems to issue a new IP if I restart my router.


If you're lucky and your ISP supports dynamic DNS updates: Get a router/gateway capable of running OpenWRT (alternatively some routers might support this natively, or you could set up an old PC for routing), use the appropriate client and set it up to adjust the DNS record [0].

[0] https://openwrt.org/docs/guide-user/services/ddns/client


> How did you solve the problem of getting a stable mapping from DNS name to IP address?

I technically have a dynamic IP, as the ISP also sells an upgrade to a guaranteed static IP which I don't pay for.

However, I've been getting assigned the same IP consistently since 2013. I used to use a dynamic DNS service to keep track of it but stopped doing that since it never changes.


It never changes until it does. And eventually it will. Just be ready for it to change if anything you count on relies on it. I know this from experience (and far more than just mine).

P.S. - I pay for a static IP from my ISP. Don't count on that never changing either. I know this from experience.


You can set up your domain to have very short TTL (like 2 minutes) and have a script polling your external IP every 2 minutes to watch for IP changes, then have the script change the records of your domain when the IP does change.

Most nameservers provide a REST API for updating records so this is very easily done.
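
Added example, not part of any comment in this thread: a sketch of the poll-and-update-on-change loop described above. It treats the IP echo service's reply as untrusted input, since that value ends up in your DNS record, and only writes when the address is a valid public IPv4 address that differs from the last one sent. The function names, the state file and the injected `lookups` / `update_record` hooks are assumptions; 8.8.8.8 and 1.1.1.1 are constructed stand-ins for a home address.

```python
import ipaddress
import json
import tempfile
from pathlib import Path


def parse_public_ipv4(text):
    """Return a normalized public IPv4 string, or None if the reply is unusable."""
    try:
        ip = ipaddress.ip_address(text.strip())
    except ValueError:
        return None  # error page, empty body, junk
    if ip.version != 4 or not ip.is_global:
        return None  # RFC 1918, CGNAT (100.64.0.0/10), loopback, IPv6 for an A record
    return str(ip)


def check_and_update(lookups, update_record, state_file):
    """Poll once. lookups: callables returning an echo service's raw reply;
    update_record: callable(ip) doing the DNS API write (both hypothetical hooks).
    Returns (action, ip) with action in {"skipped", "unchanged", "updated"}."""
    answers = set()
    for lookup in lookups:
        try:
            answers.add(parse_public_ipv4(lookup()))
        except Exception:
            answers.add(None)  # a failed lookup must never trigger a DNS write
    if len(answers) != 1 or None in answers:
        return ("skipped", None)  # no answer, invalid answer, or services disagree
    ip = answers.pop()
    state = Path(state_file)
    last = json.loads(state.read_text())["ip"] if state.exists() else None
    if ip == last:
        return ("unchanged", ip)  # nothing to send to the DNS provider
    update_record(ip)  # raises on failure, so the saved state stays stale and we retry
    state.write_text(json.dumps({"ip": ip}))
    return ("updated", ip)


if __name__ == "__main__":
    # Constructed replies; 8.8.8.8 stands in for "my address" because the
    # documentation ranges are themselves rejected as non-global.
    state_path = Path(tempfile.mkdtemp()) / "last_ip.json"
    sent = []
    for replies in (["8.8.8.8"], ["8.8.8.8"], ["100.64.0.5"], ["8.8.8.8", "1.1.1.1"]):
        hooks = [lambda r=r: r for r in replies]
        print(replies, check_and_update(hooks, sent.append, state_path))
    print("DNS writes:", sent)
```

Passing two independent echo services in `lookups` means a single wrong or tampered reply results in a skipped run rather than a DNS record pointing at someone else's address.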


But don't set your TTL too low or many caching resolvers will ignore it and use a default instead!


In my country the dynamic IPs at most fiber providers are so long-lived / stable, we can basically treat them as static. You have to phone them if you want to force-renew your IP address, because doing it from our side, we end up with the same public address. I appreciate this behaviour from my provider. Boring & predictable. Just check it once a month if it is still the same.


I moved to an ISP that provides a static IP for $5 extra a month.

But before that I created a service for looking up my IP address and hosted it for free at fly [1]. Then I set up a script in cron to update my DNS every 5min if it had changed.

[1] https://fossil.chillfox.com/echo_ip/index


I guess this depends, but most ISPs where I live will do a static IPv4 for residential. Mine also does a /56 IPv6 allocation if you ask.


Once upon a time I ran a local Shoutcast radio server on Winamp 2 and used no-ip.org to configure a DNS name dynamically.


Most ISPs offer a static IP address as an add-on or higher-cost service. Might vary depending on where you live, though.


Dynamic DNS has been a thing since the first dotcom boom. Your router probably already supports at least one service.


I'd call your ISP, because mine is not small and offers "business" class service which costs the same as residential, reserves a static ip, and slightly boosts uplink speeds.


Dynamic DNS as others have mentioned. Or, many ISPs will provide static IPs for an additional cost, but you may need to switch to their business service.


I didn't see this as an answer, but use Tor (: It has the side benefit that it's harder to discover your service(s) on the wider Internet.


Good suggestion! I used this in 2014. Blog post about it: https://lucb1e.com/?p=post&id=120 (Btw, I no longer vouch for the quality or correctness of an 8-year-old post of mine.) I remember that the latency wasn't amazing or anything, but I apparently found it acceptable enough to use it for SSH.


What does a static IP cost over there? It was a US$7.50 one off charge here in New Zealand.


Duckdns.org


ddns tools like noip.



