Using domain name instead of ip:port

lleachii · April 28, 2023, 6:17pm

Not sure what your response means - nonetheless DNS A/AAAA records cannot be used to specify a port.

You could use another Private IP to NAT to another IP, but that's not what you you desire, as you want some kinda port change.

msnews · April 28, 2023, 6:23pm

Thank you. Not a big deal, I just use ip+port.

TjeuKayim · April 28, 2023, 8:00pm

The easiest solution is probably to configure lighttpd-mod-proxy as reverse proxy. Their documentation also uses port '81' in one of the examples, see https://redmine.lighttpd.net/projects/lighttpd/wiki/Mod_proxy#Options

In the future, when draft-ietf-dnsop-svcb-https has gained more adoption, this new DNS record allows specifying different ports. At the moment, Safari on iOS already supports DNS responses like myrouter.com. 300 IN HTTPS 1 . alpn="h2" port=81 ipv4hint=192.168.10.1 and connects to port 81, as I tested with OpenWRT package nsd-nossl_4.6.1-1 that supports that record type. Though most other browsers do not yet implement this.

eduperez · April 28, 2023, 8:01pm

Using NGINX (or other reverse proxy), you can have more than one service on the same address and port.

msnews · April 30, 2023, 10:23pm

good to know, thanks. Nextcloud does not fully support lighttpd(I got some unresolved errors) so I am using nginx now,

msnews · April 30, 2023, 10:24pm

I am using nginx. Can you explain in details?

stangri · April 30, 2023, 10:33pm

If memory serves me correctly, the fakeinternet package does something similar with resolving a domain.com to a local IP (192.18.1.1) and then redirecting requests to port 80 on that IP to 192.168.1.1:88.

Obviously you'd have to duplicate everything it does for each additional domain you need hijacked.

tboege · April 30, 2023, 11:04pm

I am using haproxy to share multiple services on the same port

papdee · May 1, 2023, 5:33am

put luci back on port 80 and configure the webserver to manage the redirects based off the URL so that myrouter.com redirects to 192.168.10.1:81 and mycloud.com to 192.168.10.1:82. Not sure if uhttpd can do this but nginx certainly can.

frollic · May 1, 2023, 6:36am

Apache can too.

spence · May 1, 2023, 1:37pm

If you are using http only and not https then the redirect or reverse proxy should be fairly straight forward to implement.

It may get more complex to also work with https (ssl/tls).

It has been several years since I worked with these issues but another potential solution is to add a secondary IP (alias) and bind one of the http servers to the alias and set DNS names to match if your goal is only for access on the lan. Unfortunately I don't have OpenWrt experience with this to give specific config advice.

gstrauss · May 3, 2023, 5:55am

This is true of any HTTP server, or HTTPS server supporting TLS SNI (server name indication), which includes lighttpd, and includes nginx.

gstrauss · May 3, 2023, 6:01am

lighttpd documentation

As others have noted, you need to configure DNS for domain names.
If you configure DNS with
myrouter.com 192.168.10.1
mycloud.com 192.168.10.1
then you can configure lighttpd to respond to them separately

$SERVER["socket"] == ":80" {
    $HTTP["host"] == "mycloud.com" {
        ...
    }
    #else {
    #    ...
    #}
}
$SERVER["socket"] == ":81" {
    $HTTP["host"] == "myrouter.com" {
        ...
    }
    #else {
    #    ...
    #}
}

lighttpd will still be listening on both ports, and can be configured to respond with a default site different from the other two, if desired.

If you are using TLS, then you should configure TLS certificates with those names, and tell lighttpd about those certificates.

eduperez · May 3, 2023, 9:09pm

The difference is that a pure HTTP server (acting as a server and not as a proxy) will only be able to serve their own content, while a PROXY can be used in front of different servers.

gstrauss · May 3, 2023, 11:20pm

Hi @eduperez, I am a lighttpd developer and well-versed in HTTP and related protocols, including proxying HTTP.

I'm sorry but I do not understand the point you have been trying to make.

You wrote:

Using NGINX (or other reverse proxy), you can have more than one service on the same address and port.

That could have been written equivalently as
"Using lighttpd or NGINX (or other reverse proxy), you can have more than one service on the same address and port."

Again, I do not see the point you were trying to make, other than possibly that you know how to use nginx. Congrats! So do I. I do prefer lighttpd, though I am a bit biased.

eduperez · May 4, 2023, 5:58am

I have absolutely nothing about lighttpd, and I have zero reasons to praise nginx over lighttpd, or my (weak) knowledge of nginx. My point was about the "This is true of any HTTP server [...]" [my emphasis] affirmation in your post, and I just wanted to clarify the difference between a pure HTTP server, and a HTTP server acting as a PROXY.

gstrauss · May 5, 2023, 4:16am

@eduperez I could not find a reference in the HTTP specifications which define what is a "pure HTTP server".

I wrote:

This is true of any HTTP server, or HTTPS server supporting TLS SNI (server name indication), which includes lighttpd, and includes nginx.

The specification for HTTP/1.1 was published in 1997 and has been updated a few times since
1997 https://www.rfc-editor.org/rfc/rfc2068
1999 https://www.rfc-editor.org/rfc/rfc2616 (see "Obsoleted by" near the top for more recent updates)
These specifications contain sections which define "proxy" server and other types of servers.
https://www.rfc-editor.org/rfc/rfc2068#section-1.3 Terminology

HTTP/1.1 requires HTTP requests be sent containing a Host header. An HTTP server compliant with HTTP/1.1 might support more than one "virtual host" based on the Host header, and might support different services for different hosts.

Even with "only" HTTP/1.0, a single site can support more than one service by running difference CGI scripts for different uri-paths, or using the (optional in HTTP/1.0) Host header.

There are many more examples that I could provide, but I do not believe I can gain further knowledge or understanding by continuing this conversation. Perhaps instead of "pure HTTP server" you meant a "simple" or "minimal" HTTP server instead of readily-available, open-source, production quality HTTP servers including (but not limited to) lighttpd and nginx, which have supported HTTP/1.1 and such features for many years.

eduperez · May 5, 2023, 9:12am

I'm referring to the functionality provided by "mod_proxy" in lighthttpd, and similar modules in NGINX, Apache, and many other full-featured HTTP servers, but not in uhttpd and other "lite" servers.

msnews · May 5, 2023, 3:53pm

Appreciate all suggestions! I created two browser bookmarks/favorites referring to different ports, that meets my need.

system · May 15, 2023, 3:54pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.