To make sure the terminology isn’t causing confusion, a DNS domain is the part after the first dot. The record name is the part before the first dot. The fully qualified domain name (FQDN) is the whole lot (strictly speaking it also needs a dot at the end). A sub-domain is a child domain of a parent, e.g. ‘yahoo.co.uk’ is a subdomain of ‘co.uk’ and ‘co.uk’ is a subdomain of the top level domain ‘co’:
Domain: microsoft.com
Record name: www
FQDN: www.microsoft.com.
I don’t understand your thought around subdomains but it’s not the technology you’re looking for (a little Star Wars thrown in there as DNS isn’t a thrilling subject).
So you’ve got multiple internal hosts (all running in VMs):
plex.dom.co.uk – 192.168.0.10
torrent.dom.co.uk – 192.168.0.11
web.dom.co.uk – 192.168.0.12
exchange.dom.co.uk – 192.168.0.13
(I’ve made up hostnames and IP addresses of course).
For traffic from the Internet to make it to any of these VMs then the traffic needs to get to the external IP of your broadband router (sorry if this is all obvious stuff – you don’t give many clues on how familiar you are with it but I’ve got a hunch you may know all this already). For traffic to get to your broadband router there are three options:
- Have an Internet IP address for each. That would require you having four or more external IP addresses. This used to be common but isn’t a standard for home users. This would require use of NAT.
- Have one external IP address and use port forwarding to decide where the incoming traffic is sent. This would require use of PAT or port forwarding as it’s better known.
- Have one external IP address and use a reverse proxy. I don’t think IIS can do this other than extremely simplistic web site reverse proxying – I’m not great with IIS so I could be wrong. Microsoft’s software for this type of thing was IAS then TMG but both are discontinued. This is the most complicated of the three options.
I’m going to hope and assume that you’re ‘option 2’ (because it’s the most common and the easiest). When traffic arrives at your external IP address it will be addressed to a specific TCP port (e.g. unencrypted web traffic is addressed to port 80). Provided everything you want to access is on different TCP ports then you should be able to use port forwarding to send traffic to the internal IP address by configuring your broadband router (I don’t know for sure that your router will have this facility but it’s pretty standard even on ISP freebies):
• Traffic for TCP 32400 should be forwarded to 192.168.0.10 on port 32400 OR leave it using UPnP or NAT-PMP (see below).
• Traffic for TCP 80 should be forwarded to 192.168.0.12 on port 80 (for HTTP)
• Traffic for TCP 443 should be forwarded to 192.168.0.12 on port 443 (for HTTP)
• Traffic for torrents will need to be on a non-random port and forwarded in the same way. You’ll need to set your torrent client not to use a random port OR leave it using UPnP or NAT-PMP (see below).
(all addresses above are made up and correspond to the made up addresses at the beginning of this post)
Depending on what you’re doing with Exchange you may need to forward a variety of ports and get additional entries in public DNS for mailbox discovery. You may also need to change default ports to prevent conflicts with your web server.
UPnP and NAT-PMP allow applications to configure NAT/PAT automatically on a router that has the protocol enabled. Torrent clients and Plex can both use this to allow connectivity from the Internet, direct to a computer running a torrent client or Plex. I don’t like it as it’s reportedly insecure (but millions of other people use it so I’m not knocking how well it works).
You only need one DNS entry (other than autodiscover records for Exchange) which needs to point to your external IP address. You can then access everything by using specific ports e.g.
mychosenname.dom.co.uk:80
mychosenname.dom.co.uk:32400/web
That sounds like a lot but it really all boils down to setting up port forwarding on your router for each application you’d like to access direct from the Internet (or using UPnP or NAT-PMP to do this for the friendlier apps like Plex). Direct traffic for each port to the IP address of the VM running the corresponding app.
Hope this is useful (and that you kept reading this far)
Rob
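
The port-forwarding plan described in the post above, as an added example that is not part of Rob's post: a Python check that every external port is claimed by only one internal host before the rules go into the router, which is where an Exchange and web server clash on 443 would show up. The torrent port 51413, the Exchange rule, the alternate port 8443 and a router able to forward an external port to a different internal port are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed plan: (service, proto, external_port, internal_ip, internal_port).
# IPs are the made-up ones from the post; 51413 and the Exchange row are assumptions.
PLAN = [
    ("plex",      "tcp", 32400, "192.168.0.10", 32400),
    ("web-http",  "tcp", 80,    "192.168.0.12", 80),
    ("web-https", "tcp", 443,   "192.168.0.12", 443),
    ("torrent",   "tcp", 51413, "192.168.0.11", 51413),
    ("exchange",  "tcp", 443,   "192.168.0.13", 443),
]

def find_conflicts(plan):
    """External (proto, port) pairs claimed by more than one internal target."""
    claims = defaultdict(list)
    for service, proto, ext, ip, port in plan:
        claims[(proto, ext)].append((service, ip, port))
    return {key: [s for s, _, _ in rows]
            for key, rows in claims.items()
            if len({(ip, port) for _, ip, port in rows}) > 1}

def find_invalid(plan, lan="192.168.0.0/24"):
    """Rules with an out-of-range port or a target outside the LAN."""
    net = ipaddress.ip_network(lan)
    bad = []
    for service, _, ext, ip, port in plan:
        ports_ok = all(1 <= p <= 65535 for p in (ext, port))
        if not ports_ok or ipaddress.ip_address(ip) not in net:
            bad.append(service)
    return bad

def resolve(plan, alternates):
    """First claimant keeps the port; later ones move to alternates[service]."""
    owner, fixed = {}, []
    for service, proto, ext, ip, port in plan:
        if owner.setdefault((proto, ext), (ip, port)) != (ip, port):
            ext = alternates[service]          # KeyError: no alternate was chosen
            if owner.setdefault((proto, ext), (ip, port)) != (ip, port):
                raise ValueError(f"alternate port {ext} for {service} is also taken")
        fixed.append((service, proto, ext, ip, port))
    return fixed

if __name__ == "__main__":
    print("conflicts:", find_conflicts(PLAN))
    for rule in resolve(PLAN, {"exchange": 8443}):
        print("%-10s %s/%-5d -> %s:%d" % rule)
```

The resolved list is also the complete set of ports reachable from the Internet, so it can be compared against the router's forwarding table to spot rules nobody planned.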