In case the DNS provider fails, I would like to have a DNS entry or route on my Unifi Cloud Gateway to my selfhosted reverse proxy (Nginx on 172.16.10.30:7777). Therefore, I can still reach my applications using the domain. I did create a DNS entry (Settings > Policy Table > DNS). However, I am not able to point it to the port 7777.

TLDR: one.mydomain.com should be redirected to 172.16.10.30:7777. How can I achieve this with the Unifi Cloud Gateway?

  • scuppie@lemmy.blahaj.zone
    2 days ago

    DNS doesn’t cover ports. I think Port Address Translation as part of NAT does this? I’m aware of it but never had to use it.

    For example you could route traffic using default ports to non default ports. A browser uses 80 and 443 but you could make a rule hitting www.example.com to go to 192.168.0.100:8081 and the browser doesn’t know or care.

    Or you could use a remote desktop client set to use rdp.example.com:7777 but gets translated to the usual 3389 so you don’t have to change any of the RDP servers to listen on different ports.

    I haven’t touched this in years and I know shitall about reverse proxies so I hope I’m not misleading you but this is where I would start if it were me.
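
An added illustration of the point in the comment above, not code from anyone in the thread: the name lookup returns only an address, the client chooses the port, and a forwarder translates that port to the backend's. Loopback and ephemeral ports stand in for 172.16.10.30 and the 443/7777 pair; `LOCAL_DNS`, `Backend`, `make_forwarder`, `start` and `demo` are hypothetical names.

```python
import socket
import socketserver
import threading

# Constructed local DNS table: a record maps a name to an address, never to a port.
# 127.0.0.1 stands in for the reverse proxy host (172.16.10.30 in the post).
LOCAL_DNS = {"one.mydomain.com": "127.0.0.1"}

class Backend(socketserver.BaseRequestHandler):
    """Stands in for the reverse proxy on its non-default port (7777 in the post)."""
    def handle(self):
        self.request.recv(1024)
        self.request.sendall(b"hello from backend")

def make_forwarder(target):
    """Build a handler that relays one request/reply to target (host, port)."""
    class Forward(socketserver.BaseRequestHandler):
        def handle(self):
            with socket.create_connection(target, timeout=5) as upstream:
                upstream.sendall(self.request.recv(1024))
                self.request.sendall(upstream.recv(1024))
    return Forward

def start(handler):
    """Serve handler on an ephemeral loopback port; return (server, port)."""
    srv = socketserver.ThreadingTCPServer(("127.0.0.1", 0), handler)
    srv.daemon_threads = True
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]

def demo():
    backend, backend_port = start(Backend)
    # The forwarder plays the role of the port translation rule.
    front, front_port = start(make_forwarder(("127.0.0.1", backend_port)))
    try:
        addr = LOCAL_DNS["one.mydomain.com"]       # lookup yields an address only
        with socket.create_connection((addr, front_port), timeout=5) as client:
            client.sendall(b"GET / HTTP/1.0\r\n\r\n")  # client picked front_port itself
            reply = client.recv(1024)
        return addr, front_port != backend_port, reply
    finally:
        for srv in (front, backend):
            srv.shutdown()
            srv.server_close()

if __name__ == "__main__":
    print(demo())
```
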

  • kieron115@startrek.website
    3 days ago

    Clarify for me a bit, are you trying to just have local resolution of your self-hosted services, or to have a full failover for public DNS when your provider goes down? Also why is it listening on 7777? Typically a reverse proxy would listen on 80 and 443.

    • spacehedgehog@lemmy.worldOP
      3 days ago

      YES! That’s it. (Sorry if I have not explained the problem clearly enough.)

      normal mode: I have set up the reverse proxy and I’m using a public DNS for selfhosted services. Everything works fine.

      problem: My internet is down. Hence no public DNS. And now I’m not able to use my self hosted applications.

      This is why I’d like to have a local resolution. Because I am now in the unfortunate need of a full failover 😅

      I always use different ports and map them during port forwarding. I thought this is safe(er)…

      • kieron115@startrek.website
        3 days ago

        Oh okay, naw you’re good I just didn’t want to make any assumptions. Since you’re only worried about your self-hosted things then the easiest method would probably be to just add local entries for each service into Unifi so that those addresses always resolve to their domains internally without needing to hit your public domain name/IP.