quick install split dns

  • Last Post 28 July 2020
test123 posted this 26 July 2020

So i am running the quick install

> Reading package lists... Done Checking settings... The specified
> domain minecraft.DOMAIN.ca resolves to but your externa 
> l IP is 2xx.xxx.xxx.xxx - Aborting.

I am running split DNS. So internally, my dns reports a local ip address. But externally, it reports the public IP address. Perfectly fine and all works fine.

This apparently breaks your installer? and it abruptly breaks. I am not making this server internet accessible for now, was just trying to install https for use internally. dont see why it should fail here.

I re ran the installer without https now. and it seems to be installing.

Order By: Standard | Newest | Votes
Mike posted this 26 July 2020

If you're using any kind of oddball DNS that doesn't resolve the same internally and externally then you'll need to set up https yourself. The installer is designed to stop if there's anything unusual. This behaviour is intentional and by design.

test123 posted this 27 July 2020

oddball? If you are natting your internet connection through a router then you would have both public and private ip space in use. This is most people. If you run your own servers, you probably run your own dns. So how is any of that odd.

Mike posted this 27 July 2020

It's pretty unusual to have a DNS entry that resolves differently internally and externally, and it's ultimately unnecessary if your router supports NAT reflection (which most do). In that situation the installer can't verify the setup is valid and guarantee that the configuration is correct so it won't attempt to configure a webserver if it can't be absolutely 100% certain that the configuration is valid.

You can still use AMP despite this, but you must select "No" when it asks you if you want to use HTTPS, and then run ampinstmgr setupnginx afterwards and then review the nginx configuration it produces.

test123 posted this 28 July 2020

nat reflection is a hack and not a proper or secure way to run a network.

i was able to install without https so i am just going to leave it now. i thought you would want to know about this flaw in your installer. i clearly thought wrong. good day sir.