NAT Loopback (Any easy solution available?)

Hello,
I am a complete newbie in all this so please bear with me.

My modem/router does not support NAT Loopback (Actually my ISP says that it does not).
Bridging the existing modem and using another router is also out of the equation as it is far more complex than I have the time or the knowledge to deal with.

So my question is this. Is there any way to overcome NAT Loopback and have Syncloud installed and accessed both from outside and within my house?

Ideally, the solution should be effortless and embedded in Syncloud.

Personally, once this is resolved, Syncloud will be my only recommendation when the conversation turns to private solutions. Until then, I will keep this only for people who know what they are doing.

Cheers to all!

Hi,

I understand your frustration some users have this issue.

The solutions I know that can work today unfortunately involve users doing some additional work:

  1. Change router. This can be done by users themselves or in theory they can pay some company to do that for them. This is a recommended solution.
  2. Add hosts records on each PC per app: Unable to access device from local network · syncloud/platform Wiki · GitHub

The future state will be of cause swithing to IPv6 completely where NAT does not exist as many users already do: IPv6 – Google

If anyone knows any better solution please let ke know.

Until then, I will keep this only for people who know what they are doing.

Sure you are free to do what you want but I think people can at least try (how would you know if they have this or any other issue).

You also mentioned VPN in the email, interesting can you try installing VPN app from Syncloud store and connect to it that when inside your home network, will it overcome the problem?

I guess Syncloud VPN app may not help as DNS resolution still gives you public IP and you will be connecting from inside the network still.

Another option is actually override DNS resolution inside network to be a local IP similar to client PC hosts override option but in one place for the whole network and this is I think possible with Pi-Hole app which is a DNS server (for Ad blocking).

For me I just installed a VPN on each device that I want to have access to locally (currently using Nord but any one should work)

@sttrebo why did you not replace the router?

If it was just me then I would have done the same. But it is also my wife, not to mention that I’ve convinced a friend of mine (completely ignorant when it comes to technology) to use Syncloud. I am looking for a “set-and-forget” solution.

Hi Boris,
I didn’t quite understand it. You mean to install and configure PI-Hole? If yes, it is getting too complicated for me. The tailscale (vpn) would help only if [app].[username].syncloud.it was accessible with a LAN IP somehow (I think).

IPv6 is coming but I think it will take significant time before we see it in our residential connections.

Any idea to solve this would be really helpful.

Ok the main issue is that DNS points at a public IP which does not work inside a local network behind a router with no NAT Loopback feature.

So we need to either

  1. always be “outside” of a local network (any VPN service)
  2. or we make DNS resolve to a local IP when we are inside local network.

For the second there is a solution Pi-Hole (Syncloud app available) which is a DNS server which forwards all local network DNS requests to the Internet but can also limit them (ad block) and add custom DNS records to override any domain. With custom DNS (special UI in Pi-Hole web app) you can add overrides for each domain, like [user].syncloud.it → local network IP and so on for each app. I am trying to test it right now and it seems that custom dns feature is broken in Syncloud but I am fixing it.

With Pi-Hole you will need to:

  1. Install Pi-Hole app
  2. Configure as a primary DNS on your router (should be as simple as going to DNS server and adding your device IP)
  3. Adding IP overrides in Custom DNS (in theory this can be done automatically)

hi-
i’m using a VPN for other reasons anyway (privacy and security). I do have another router on hand that I am waiting to install, just waiting for a bit of time. also, with my ISP, it’s better to set their router in bridge-mode and install my own router than to replace theirs with a 3rd party router.

@boris some clarifications on the following please:

  • always be “outside” of a local network (any VPN service) : If I install a VPN service on Syncloud how can I assure “external” access? Is that feasible?

  • or we make DNS resolve to a local IP when we are inside local network.
    The PI-Hole looks promising once fixed it and tested.

For outside mode you can use any public VPN service but not Syncloud VPN.

Syncloud VPN is about being inside your home network, for example when you are away from your country but want to watch some home country only TV like BBC in UK.

It is feasible and as you can see @sttrebo does it already.

Just published Pi-hole (v477) with fixed and can be used for adding custom dns records under Local DNS.
Add one record for device itself and one per app pointing at the device local IP.

@boris : Installed and checked pihole with desktops (Windows 10 + Manjaro Linux kde-through netqork manager gui). Success!
I tried to do the same with my phone (Android) but I didn’t find (yet) a proper way to change DNS only. It seems to work only when applying static IP and setting PiHole as DNS.
If I 'll find a better way I 'll let you know.

Great work.

I think usually devices get a dns server from the router when they connect to the network.

Ideally you set one on router your primary dns server to pihole ip as you not want to set it on every network client device because it is valid only when device (phone in particular) is in the network.

Android phones have this Private DNS feature which can override DNS server received from network but it will be wrong to use it outside of lan.

You are right, but … not in Belgium!

Modems from ISPs (mine is Proximus) are completely locked down and clients have only a user account with minimal functionality (e.g. change the WiFi’s SSID, see connected devices, etc).

As you guessed, I can see the DNS server but I cannot change it.
Since I can set up a DNS server manually on desktops (and leave it be) I can live with that.

You are so close to making the setup ISP-agnostic which, in my eyes, is a huge thing!!!