Trying things till they work!

This summer I bought my first home and decided on changing my ISP. While the new ISP's home Wifi and TV setup were far superior, I quickly ran into limitations with their router.

For the first week I had their service I was convinced that the port-forwarding on their router wasn't working. I was unable to hit my lab server despite having pointed my DNS at my IP and ensuring all config was correct.

I was so frustrated. I even cancelled and changed providers due to their lack of any kind of "support for advanced features". I ended up switching back shortly after due to the alternate ISP requiring cable to be run all through the house, with no option for whole home mesh wifi.

It wasn't till I switched back and tried  to get my home lab serving to the internet again that i realized the port-forwarding was always working!!!!...JUST NOT FROM INSIDE MY LAN!!!! On mobile networks or any outside network, I was able to reach my forwarded ports, but if I tried form inside my network...timeouts.

ran a quick tcpdump to confirm that I was losing the packets inside the ISP's router then I eventually found this post that tries to explain the issue:

[Internet] Home Server Setup on Bell Fibe - Bell Canada | DSLReports Forums
Forum discussion: I switched over to Bell Fibe service yesterday from Rogers Cable internet and have had problems with a home server setup I have. It was working quite well on Rogers but not since the cutover to Bell. I was on a call with Bell support today and was to

After pondering my options, I realized I really need to go back to running my own internal WIFI/LAN and just keep the ISP equipment for the wireless TV receivers. Providers have likely have no interest in providing any "advanced" options, and for someone who wants to get adventurous  with home networking, the general gear just won't do. Then there's the whole security angle of having a firewall between me and "them". I am not a fan of serving Wifi and DHCP from a router they can remote into anytime and is logging this info.

Alas, until I can splurge for some Ubiquiti gear, I decided I'd check out pi-hole to resolve my domain on my local LAN for my lab gear.

Shout out to Chris Phillips for this HELM jump off point.

ChrisPhillips-cminion/pihole-helm
Contribute to ChrisPhillips-cminion/pihole-helm development by creating an account on GitHub.

I forked it and updated the config accordingly for MicroK8s, will push to github soon!

During the adventure, I ended up disabling systemd-resolved, which was quite and adventure and cause me a lab outage, but after a night of hacking around, I have pi-hole serving DNS internally a Node Port :53 of my MicroK8s cluster.

I can finally reach mattymo.io from inside my LAN!!!

I will definitely retire the pi-hole eventually moving core DNS services out to some proper prosumer Networking gear...but may keep it around for monitoring DNS on $KID1's computer!

You’ve successfully subscribed to mattymo.io
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Your link has expired
Success! Check your email for magic link to sign-in.