hi,
i changed the router of the provider today, after that router is my router running openwrt and nat... i am also using home-assistant remote connect; everything worked fine until i changed the providers router.
Some routers do not support hairpin. In the case of your upstream router (from the ISP), it may not be an option exposed to the user (I know that the Bell Home Hub 3000 doesn't have the capability)
@psherman
i have ISP provider router (running NAS) to which i have connected via eth my router (to its wan) ; my router is running openwrt and NAS, dhcp server etc. All the hosts are then connected to my router via eth or wifi.
So basically the host that is trying to access domain which has one port-forward on ISP router, other on My router is connected to My router.
You may be able to by setting the addresses in the dns server configuration on your Openwrt router. Specifically, the "addresses" field allows you to set a list of domains to force to an IP address.
the entry would be something like /xyz.org/10.0.5.x where x is the IP of the host that is serving the resource.
@psherman
not sure what do u mean ... what option we are talking about? If i go to DHCP and DNS via luci, server settetings i have general/ resolv and hosts files/ tftp settings/ advanced settings/ stratic leases ...
which one you are pointing to? thanks
also i am not sure, as everything worked before i changed isp router;;; so the issue has to be in the isp router not openwrt... as nothing was touched in openwrt settings..
I also tried to untick rebind protection but didnt help.
Actually the correct place to add the hostname is Network/Hostnames
Although, if the homeassistant is getting its settings by dhcp, you could enable the dns option for the static lease entry, so that the hostname will be automatically added when HA is connected.
Ummmmm...isn't "Hairpin NAT" an analogous term for the OpenWrt term "NAT Loopback"???
Using this firewall rule as an e.g. - it allows access to an HTTP server using its public IP or global hostname (which should resolve to its Public IP) from LAN:
Rebind protection means someone setup a LAN IP in the global DNS...that may be likely; but usually NOT the case - because this can cause security issues if not really needed.
The most common use case would probably be for routers connected to networks with Private IP address and internal DNS servers giving out Private IPs of Private servers (i.e. no Public Internet).