
4.4 Local versus Public Domain Names and IP Addresses

In this article, we will review two questions. The first is whether and how to use a local domain name. The second is whether and how to use a local IP address. We will then explain how to install a static IP to a VPS with a bridged connection.

Local Domain Names

When you are first developing a website, you may not have or want to use a real public domain name. Instead, you may want to use a reserved domain name like example.com or a reserved top level domain (TLD) like dot example or dot test. I have used dev.test and example.com in the past. But these are difficult to get an SSL certificate for.

Others have advocated for the use of dot local as a local domain name (for example, mynetwork.local). The problem with dot local is that it is not a reserved TLD. In addition, the TLD local is now used by a local network protocol called Multicast DNS (mDNS), which in turn is used by the Linux program Avahi. Any DNS query for a domain name ending with the label local must be sent to the mDNS IPv4 link-local multicast address 224.0.0.251. This service will automatically resolve the private IP addresses and respond to mDNS hostname.local queries.

Avahi is available in the LMDE Software Manager. Once installed, Avahi automatically uses your computer's hostname plus the .local extension as its domain name. So if your machine's hostname is mediaserver, then you can access it on the network by typing mediaserver.local into the URL bar of any computer that has Avahi installed on it.

Others have advocated using dot lan (lan stands for local area network). However, dot lan is also not a reserved TLD. So it is not wise to use dot local or dot lan.

Another option is to buy a real domain name and use that for local development. This will help with getting an SSL certificate for local development. It also helps when setting up custom email accounts in a test server. It will also help with DNS resolvers. You may need to add DNS records for the domain name and sub-domains via your domain name hosting account.

I have a domain name localdevtest.com that I use for local development. You can also use a sub-domain of a domain that you already own. For example, I own the domain name davidspring.org. I could use the sub-domain local.davidspring.org for local development.

Public versus Private IP address required for SSL certificate

Domain names, whether public or private, can be linked to an IP address using the /etc/hosts file.

However, we also need to understand how the nameservers shown in the /etc/resolv.conf file treat public versus private IP addresses. To see your current name servers, open a terminal on your home computer and type

cat /etc/resolv.conf

Here are my current name servers:

127.0.0.1 can resolve local hosts, but not public domain names. You can solve this by adding 192.168.1.1 as the secondary nameserver in the /etc/resolv.conf file. You can also add a public domain name resolver like Google 8.8.8.8 or an even better public domain name resolver called DNS Watch 84.200.69.80. You can see above that my resolv.conf file tells me that it can only work with three name servers.

Recall that we should never change the resolv.conf file directly.

I added the DNS Watch Name Servers using Network Connections (aka Network Manager):

I added the Google Domain Name servers using the file /etc/dhcp/dhclient.conf. On line 26, I added the following:

prepend domain-name-servers 127.0.0.1, 8.8.8.8, 8.8.4.4;

Open the file as root and change the file to this:

prepend domain-name-servers 127.0.0.1;

Then save and close this file. Then restart your laptop. Then open a terminal and type:

cat /etc/resolv.conf

Here are my revised name servers:

Some tutorials also recommend setting the name server using the /etc/network/interfaces file. But as we have discussed previously, there are many times when this will not work, as other files may have priority over this file. Even worse, using this file can cause an entire network to go down.

You can test the DNS name resolution process by pinging a hostname:

ping -c 3 debian


However

ping -c 3 ns03

or

ping -c 3 ns03.example.com

results in this:


ping -c 3 davidspring.org

shows IP 107.161.37.75

https://www.whatismyip.com/ip-address-lookup/

confirms that this is a Canadian server owned by Pretecs Networks which is also known as fullhost.ca which hosts all of my domain names.

Your Public versus Private IP Address

To see your public IP address, go to

https://www.whatismyip.com/


This is the public IP address given to me by Comcast. Public IP addresses are required for any publicly accessible network hardware such as a home router and servers that host websites.

My private IP address is determined by my router and is 192.168.1.1. Go to

https://www.whatismyip.com/ip-address-lookup/

and enter 192.168.1.1


With private IP addresses, the devices in your home can have the same private IP addresses as your neighbor's devices and they will not be able to see each other. This is because private IP addresses are non-routable to the public Internet. They are only routable to devices that are connected directly to your private router. Your router serves private IP addresses to the devices privately connected behind your router.

Because these private addresses are restrained from reaching the public Internet, you need a public IP address that can reach the rest of the world. Your Internet Service Provider (ISP) delivers public IP addresses of public domain sites to the devices that are publicly connected to the internet (like your router).

When you open a website from your computer, the request is sent from the computer to the router as a private IP address, after which the router requests the website from your ISP using the public IP address assigned to your network. Once the request has been made, the operations are reversed: the ISP sends the address of the website to your router, which forwards the address to the computer that asked for it.

Private and Public IP Address Ranges

Certain IP addresses are reserved for public use and other IP addresses are reserved for private use. The following ranges are reserved for use as private IPv4 addresses:

10.0.0.0 to 10.255.255.255

172.16.0.0 to 172.31.255.255

192.168.0.0 to 192.168.255.255

The 192.168.x.x addresses aren't registered publicly, which means they can only be used behind a router as private IP addresses. This range is where most private IP addresses fall, which is why the default IP address for most routers is an IP within this set, such as 192.168.1.1.
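The ranges above can be applied to the name servers in a resolv.conf file. The following is an added example, not part of the original article: it classifies each nameserver entry against the three private ranges and marks which entries the resolver actually consults, since only the first three are used. The sample file content is constructed from addresses mentioned in this article, and treating every other address as public is a simplification.

```python
import ipaddress

# The three private IPv4 ranges listed above, written as CIDR blocks.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK_NET = ipaddress.ip_network("127.0.0.0/8")
MAX_NAMESERVERS = 3  # the glibc resolver uses only the first three entries

# Constructed sample in resolv.conf format, using addresses from this article.
SAMPLE_RESOLV_CONF = """\
# constructed sample
nameserver 127.0.0.1
nameserver 192.168.1.1
nameserver 84.200.69.80
nameserver 8.8.8.8
"""


def classify(addr):
    """Return 'loopback', 'private', 'multicast' or 'public' for an IPv4 address."""
    ip = ipaddress.IPv4Address(addr)
    if ip in LOOPBACK_NET:
        return "loopback"
    if any(ip in net for net in PRIVATE_NETS):
        return "private"
    if ip.is_multicast:
        return "multicast"
    return "public"  # simplification: everything outside the ranges above


def parse_nameservers(text):
    """Return the addresses on 'nameserver' lines, in file order."""
    servers = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def audit(text):
    """Return (address, class, consulted) for every nameserver line."""
    return [(addr, classify(addr), i < MAX_NAMESERVERS)
            for i, addr in enumerate(parse_nameservers(text))]


if __name__ == "__main__":
    for addr, kind, consulted in audit(SAMPLE_RESOLV_CONF):
        print(f"{addr:<15} {kind:<9} {'consulted' if consulted else 'ignored'}")
```
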

Why Public IP Addresses Change

Most of the time, you do not need to know your public IP address. But what you do need to know is that the public IP address you have been assigned today might not be the same as the public IP address you are assigned tomorrow. Most public IP addresses change, and relatively often. Any type of IP address that changes is called a dynamic IP address.

When ISPs were new, users connected to the internet for only a short amount of time and then disconnected. An IP address that was used by one customer would then be open for use by another that needed to connect to the Internet. This way of assigning IP addresses meant that the ISP didn't need to purchase a large number of addresses. This general process is still in use today even though most people are always connected to the internet.

However, most networks that host websites have static IP addresses because they want to make sure that users have constant access to their server and our DNS system assumes that your website IP address is static.

Best Dynamic DNS (DDNS) Providers for Home Networks

One of the biggest challenges for home networks wanting to host their own websites is that they are assigned a dynamic IP address by their ISP. What a DDNS provider does is keep track of the dynamic IP address assigned to you and route it through their service. When the ISP changes your IP address, the DDNS service updates its records, allowing your website to appear to have a static IP address even though it has a dynamic IP address. Here are two of the best free DDNS providers:

Dynu Free dynamic DNS service with an easy to use control panel, third-level domain name support, top-level domain name support, global servers, and more. Here is their website:

https://www.dynu.com/en-US/


YDNS Free DNS hosting service with unlimited hosts per user, DNSSEC2 support, mail configurations, and more. With YDNS you can create a dynamic DNS for hosts to transform a home network into a permanent hostname. You can manage your domain through the web interface.

Assign an IP to a Bridge VM created during VMM Install

When we create a VM with VMM using the default NAT connection, VMM assigns a static IP address which is retained even if we replace NAT with bridge0. When we create a VM with a VMM using a bridge0 connection that has a manual IP, VMM also assigns a static IP to the VM (ns02 192.168.1.54). However, when we create a VM with VMM using a bridge2 connection that uses the Automatic (DHCP) method, VMM does not assign a static IP to the VM (ns04).

Here we will look at other ways to assign an IP to a VPS created with a bridge2 connection. We will compare a bridge0 connection with a manual IP to a bridge2 connection with an Automatic (DHCP) connection.


compared to bridge2 automatic (DHCP):

Note: To use bridge2, we need to remove the slave from bridge0 and bridge1. Then restart the laptop so enx0 is available for bridge2 to capture and use. We can then use nmtui to confirm that bridge2 is activated. Finally, use the file manager to add the bridge2 XML file to /etc/libvirt/qemu/networks so VMM can see bridge2.

<network>
  <name>bridge2</name>
  <forward mode='bridge'/>
  <bridge name='bridge2'/>
</network>

Then click Save and Close and close the file manager.


Then open your terminal and copy paste this command:

sudo virsh net-define /etc/libvirt/qemu/networks/bridge2.xml

The terminal should reply: Network bridge2 defined from /etc/libvirt/qemu/networks/bridge2.xml

Then start the network with this command:

sudo virsh net-start bridge2

It should reply that Network bridge2 started. Then set the network to autostart with each reboot with this command:

sudo virsh net-autostart bridge2

It should reply that Network bridge2 marked as autostarted. Then to confirm the network status, copy paste this command.

sudo virsh net-list --all

Close the terminal.

Solving Problem Activating Wired connection 1

The Gigabit adapter option was not showing when I clicked on the Networks icon in my task bar. Hoping to get it to appear, I created and tried to activate Wired connection 2 with the enx0 device.

I removed the slave from bridge2 and even deactivated bridge2 so that enx0 would be available for Wired connection 2. When I tried to activate Wired connection 2 with nmtui, I got this error: Could not activate connection not available on device because device is strictly unmanaged.

Here was my problem. I had placed enx0 in the /etc/network/interfaces file with the following code (which helped to assign an IP address to ns02):

# The loopback network interface
auto lo
iface lo inet loopback

# Set ifaces to manual to avoid conflicts with network manager
allow-hotplug enx0
auto enx0
iface enx0 inet manual
    address 192.168.1.110/24
    gateway 192.168.1.1
    #Network address settings
    network 192.168.1.1

# Bridge setup
auto bridge0
iface bridge0 inet static
    address 192.168.1.111/24
    gateway 192.168.1.1
    bridge_ports enx0
    bridge_maxwait 0

I therefore deleted this code and restarted the computer. Actually, the above code did help, because now ns02 no longer has an IP address. See if ns01 has an IP address. It does not.

Now the Gigabit Ethernet device is displayed again when I click on the Network icon in my task bar.


Now turn off Wireless. Then add the enx0 slave back to bridge2. Then delete Wired connection 2 so that enx0 can be used by bridge2.

Use VMM to Create ns04

Once we have enx0 working properly again and displaying when we click on the Network icon in our taskbar, we can then open VMM and use it to create ns04 with the bridge2 connection. Note at Step 4 that you can only create a total of 4 VPS if you have a 120 GB hard drive unless you have an alternate custom storage, like an external drive, attached to your laptop:


At Step 5, rename the VPS ns04 and select bridge2:

Call the new VPS ns04 with example.com as the domain name. When the install is completed, log in and type ip addr. Sadly, enp1s0 has no assigned IP address. We will now try to add an IP address with the hosts file. Sadly, because we have no IP address, we cannot even use an SSH session to help us with copy pasting and capturing screen shots.

Option 1 Assign an IP Address with the hosts file

Type sudo nano /etc/hosts. The top line is

127.0.0.1 localhost

The second line is

127.0.1.1 ns04.example.com ns04

Change the second line to 192.168.1.130

Then save and close the hosts file. Then type ip addr

enp1s0 now has the IP address 192.168.1.59.

Type sudo nano /etc/hosts. Change line 2 to 192.168.1.59. Then save and close the hosts file. Then type ip addr

enp1s0 still has the IP address 192.168.1.59.

Then sudo poweroff to stop and start ns04. Then type ip addr. Sadly, enp1s0 no longer has an IP address.

Type sudo nano /etc/hosts. The good news is that the hosts file still shows 192.168.1.59 as the IP address for ns04.example.com.

Open a terminal on your home computer and attempt to start an SSH session with ns04 by typing ssh 192.168.1.59. Great news. We were able to start the ssh session.

Type ip addr show enp1s0. More great news. enp1s0 now confirms that it is using 192.168.1.59

This is a much better option than adding enx0 to the interfaces file. As we saw earlier, adding enx0 to the interfaces file might bring it down completely. This is because Network Manager is no longer able to manage this device. But more important, modifying enx0 will affect all connections using this device. Using the /etc/hosts file only modifies the ns04 VPS and does not affect enx0 at all. Nor does it affect any other VPS created with the bridge2 device.

The only remaining question is whether Hestia will recognize ns04 - since it is using the IP address 192.168.1.59 rather than 127.0.1.1. We will find out shortly. Type sudo poweroff to end the SSH session. Then close the home terminal. Then close the ns04 screen. Then close VMM.
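To check the result of the steps above after a reboot, the following added example (not part of the original article) compares the address that the hosts file maps ns04.example.com to with the address actually present on enp1s0. It also reports whether that address carries the dynamic flag, which ip addr shows for addresses with a limited lifetime such as DHCP leases. The hosts text and the ip -o -4 addr show output lines are constructed samples.

```python
import re

# Constructed samples: hosts file content and `ip -o -4 addr show` lines.
HOSTS = "127.0.0.1 localhost\n192.168.1.59 ns04.example.com ns04\n"
LEASED = ("2: enp1s0    inet 192.168.1.59/24 brd 192.168.1.255 scope global "
          "dynamic enp1s0\\       valid_lft 86000sec preferred_lft 86000sec")
STATIC = ("2: enp1s0    inet 192.168.1.59/24 brd 192.168.1.255 scope global "
          "enp1s0\\       valid_lft forever preferred_lft forever")


def hosts_lookup(hosts_text, name):
    """Return the first address the hosts file maps `name` to, or None."""
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].lower().split()
        if len(fields) >= 2 and name.lower() in fields[1:]:
            return fields[0]
    return None


def interface_addrs(ip_output, ifname):
    """Parse `ip -o -4 addr show` output into [(address, has_dynamic_flag)]."""
    found = []
    for line in ip_output.splitlines():
        m = re.match(r"\d+:\s+(\S+)\s+inet\s+([\d.]+)/\d+\s+(.*)", line)
        if m and m.group(1) == ifname:
            found.append((m.group(2), "dynamic" in m.group(3).split()))
    return found


def check(hosts_text, ip_output, name, ifname):
    """Compare the hosts mapping for `name` with the addresses on `ifname`."""
    mapped = hosts_lookup(hosts_text, name)
    if mapped is None:
        return "no-hosts-entry"
    addrs = interface_addrs(ip_output, ifname)
    if not addrs:
        return "interface-has-no-address"
    for addr, leased in addrs:
        if addr == mapped:
            return "match-dhcp-lease" if leased else "match-static"
    return "mismatch"


if __name__ == "__main__":
    print(check(HOSTS, LEASED, "ns04.example.com", "enp1s0"))
    print(check(HOSTS, STATIC, "ns04.example.com", "enp1s0"))
```
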

What's Next?

This completes our chapter on DNS. In the next chapter, we will install Hestia onto our VPS.