Lab progress thus far
- Set up OpenWRT on my existing router
- Put switches at center of local network
- Added a NAS with its own reverse-proxy and wildcard letsencrypt via the DNS api
- Added a UPS and NUT server on the NAS for the NAS and PiHole (How cool is NUT!?!)
- Discontinued all DDNS and port-forwarding into my home
- Added Tailscale to every host
- Configured wifi SSIDs for home, guest, and IoT with their own DHCP address blocks and routing rules to block IoT from the web and segment guests and IoT from the LAN
- Configured all DNS traffic at home to go through PiHole via the OpenWRT firewall, even if a host tries to use 184.108.40.206
My network setup
OpenWRT router runs DHCP and DNS server
OpenWRT router has PiHole as an upstream DNS server
OpenWRT passes its own DNS server out via DHCP
PiHole listens on all interfaces (that means via Tailscale interface too)
How I can help others
- web setup
- ssh configs, remote access, portforwards
- vim setup for remote editing
- reverse proxies with nginx, Traefik etc.
- Let's Encrypt and certificates
Now I’m looking for a final piece of setup that’s at the edge of my abilities.
I’d like to move from swapping DNS servers manually and editing hosts files to using DNS to solve roaming outside my home LAN while preserving domain names and TLS certificates.
Basically, I want my personal domain address, e.g. myhost.subdomain.mydomain.tld, to resolve to a local IP when at home, and a Tailscale (wireguard) IP when elsewhere. For example, in the ideal case my iOS apps and music web-apps served from my NAS would have no idea they’re switching between Tailscale and local connections.
How would I configure the PiHole/OpenWRT DNS setups to resolve two IPs for one domain name or host name?
I’m having trouble even knowing what to call this technique, so definitely at the edge of my abilities. It’s basically a single host name with multiple IPs, and I have OpenWRT, PiHole, and Tailscale to adjust to achieve this. At first I thought it was “split DNS”, or maybe something “search domains” could solve, or something leveraging “localise-queries” in dnsmasq, or perhaps special DNS configs purely within Tailscale.
Anyone know what this kind of setup is called?
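The behaviour the post is asking about is usually called split-horizon DNS, and dnsmasq's `localise-queries` option (mentioned in the post) is one way to get it: a hosts file lists the same name with several addresses, and dnsmasq returns only the address(es) that share a subnet with the interface the query arrived on, falling back to all addresses when none match. The script below is an added example, not part of the original post or of PiHole/OpenWRT, that models that selection rule so the effect can be checked before touching a live resolver. The hostname, the 192.168.x.x LAN subnets, the interface names and the 100.64.0.0/10 Tailscale address are constructed sample values; the hosts-file lines it prints mirror the dnsmasq format but the file path a given PiHole version loads them from is not assumed here.

```python
import ipaddress

# Constructed sample data (not from the original post): one name with two A records,
# one on the home LAN and one in Tailscale's 100.64.0.0/10 range.
HOSTS = {
    "myhost.subdomain.mydomain.tld": ["192.168.1.10", "100.101.102.103"],
}

# Interfaces the resolver listens on, with their subnets (constructed values).
# In dnsmasq the match is against the *receiving interface's* subnet, not the
# client's source address, so queries must reach PiHole over the right interface.
INTERFACES = {
    "br-lan": ipaddress.ip_network("192.168.1.0/24"),
    "br-guest": ipaddress.ip_network("192.168.2.0/24"),
    "tailscale0": ipaddress.ip_network("100.64.0.0/10"),
}


def localise_answer(name, interface, hosts=HOSTS, interfaces=INTERFACES):
    """Return the A records dnsmasq's localise-queries would hand back for `name`
    when the query arrived on `interface`.

    Rule (from the dnsmasq man page): if the name has more than one address and at
    least one is on the interface's subnet, return only the on-subnet addresses;
    otherwise return every address. Unknown names resolve to an empty list.
    """
    addrs = hosts.get(name, [])
    subnet = interfaces[interface]
    on_subnet = [a for a in addrs if ipaddress.ip_address(a) in subnet]
    return on_subnet if on_subnet else list(addrs)


def hosts_file_lines(hosts=HOSTS):
    """Render the records as hosts-file lines (the format dnsmasq reads via
    addn-hosts), one address per line so every A record is present."""
    return [f"{addr} {name}" for name, addrs in sorted(hosts.items()) for addr in addrs]


def dnsmasq_conf_lines():
    """Minimal dnsmasq options for the split-horizon behaviour. The hosts-file
    path is a placeholder: use whatever file your PiHole/dnsmasq actually loads."""
    return [
        "localise-queries",
        "addn-hosts=/PATH/TO/split-horizon.hosts",  # placeholder path, an assumption
    ]


if __name__ == "__main__":
    name = "myhost.subdomain.mydomain.tld"
    for iface in INTERFACES:
        print(f"query via {iface:<10} -> {localise_answer(name, iface)}")
    print("\n".join(hosts_file_lines()))
    print("\n".join(dnsmasq_conf_lines()))
```

A query that reaches PiHole over its LAN interface (including one forwarded by the OpenWRT resolver from the LAN side) gets only the 192.168.1.10 answer; one that arrives over the Tailscale interface gets only the 100.x address, which is why PiHole listening on the Tailscale interface matters for this approach. The guest interface case shows the fallback: no address on 192.168.2.0/24 matches, so both records come back, which is worth knowing if guest clients are meant to be kept off the NAS entirely.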