Hi,
-
I have HAOS installed on my RSP4, static IP: 192.168.50.100.
-
Then I setup DuckDNS, and port-warding on router, so that I can use unique https URL to connect from inside and outside my home.
Because my Router does not support Nat Hairpin, I cannot access my Https URL inside my home, I have to use interal IP address to access HA. But when using IP address inside my home, I got “Warning: Potential Security Risk Ahead”, becuase:
Firefox does not trust this site because it uses a certificate that is not valid for 192.168.50.100:8123.
The certificate is only valid for xxxx.duckdns.org.
- So, I installed Dnsmasq on RsP4 to split DNS.
defaults: []
forwards: []
hosts:
- host: xxx.duckdns.org
ip: 192.168.50.100
services: []
cnames: []
DNS Server: 192.168.50.100, 8.8.8.8
My situation is:
-
If I use only the Dnsmasq as DNS server on RSP4’s, if RSP4 is down, all other devices cannot have DNS server.
-
If I apply other public DNS server, i.e., 8.8.8.8, besides my Dnsmasq server.
like: DNS Server: 192.168.50.100, 8.8.8.8. The ip of my HA server I got from DNS server is random. Sometimes I got internal IP 192.168.50.100, sometimes I got public IP of my router.
$ nslookup xxx.duckdns.org 192.168.50.100
Server: 192.168.50.100
Address: 192.168.50.100#53
Name: xxx.duckdns.org
Address: 192.168.50.100
$ nslookup xxx.duckdns.org
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: xxxx.duckdns.org
Address: X.X.X.X
My question is:
How can I setup Dnsmasq to ensure that it ONLY return internal IP of HA when using LAN?