Using Load Balancer to NAT

So I have a few resources set up; many, like Plex, do not allow you to modify the running port. In an effort to make things more user friendly for my family I’ve set up a KEMP LB (free version) to NAT the connections for several servers (from 443 to 32400). This works great for other services, however I’m falling short on Plex. All the documentation I’ve seen indicates 32400 is the only port required for the web app, but something seems to be falling flat. I’m happy to share information about my config and get into more detail, but I was wondering if anyone else has attempted this to get around the port limitations?

Thanks,
Frank

Tried Wireshark? Maybe it tries 32400 after connecting to 443? (Port hard-coded?)

The whole DNS rebinding mechanism Plex uses to provide secure connections most likely will not work with the L3 load balancing you are attempting.

@darkman738
Can you tell us more about what you are trying to achieve with a load balancer?

How many people/clients are you trying to support?
What machines are you running behind the balancer?

@mharald,
I will try to get another capture, but from my initial tests my router was directing traffic to the correct IP. (As I said, the exact config worked for other resources.)

@Ach!lles,
This would be unfortunate but I could get around this with an external port mapping directly to the server on 32400 so apps would work. We aren’t likely to be using a laptop to view the library externally, more mobile devices.

@cayars,
Ultimately what I’m trying to do is make access simpler for the less technically capable/literate in my house. My goal is to allow them to type “plex.mydomain.com” into a browser and view our library. It would be great if this worked externally, but internally is my primary goal. External I can work around whichever limitation as we would typically be using mobile apps externally.

Thanks,
Frank

Why not just direct them to plex.tv/web?

@darkman738 said:
@mharald,
I will try to get another capture, but from my initial tests my router was directing traffic to the correct IP. (As I said, the exact config worked for other resources.)

@Ach!lles,
This would be unfortunate but I could get around this with an external port mapping directly to the server on 32400 so apps would work. We aren’t likely to be using a laptop to view the library externally, more mobile devices.

@cayars,
Ultimately what I’m trying to do is make access simpler for the less technically capable/literate in my house. My goal is to allow them to type “plex.mydomain.com” into a browser and view our library. It would be great if this worked externally, but internally is my primary goal. External I can work around whichever limitation as we would typically be using mobile apps externally.

Thanks,
Frank

Just register your own domain and set up a simple web page redirect. So for example you could register darkman.tv domain. Use a 3rd party DDNS provider to map your domain to your home router’s external IP address. Many of the better home routers can do this for you.

At this point in a browser you can go to http://darkman.tv:32400 and be in business. If you don’t like specifying the 32400 port then you can set up Plex to answer on port 80 and forward port 80 on your router to your Plex server, then access is as simple as http://darkman.tv. Only slightly more work but basically the same to support https as well.

But NO NEED for any load balancing.

BTW, my system is set up like this and it works well. I still use port 32400 as I have another web server running on port 80 and 443 but I have a link on that page so it’s still easy to access. I can remotely access my router, smart switches, remote access to internal servers, 3rd party network monitoring, Torrent, FTP, PlexPy, Plex Requests.Net, etc through a web interface so it makes things much easier to manage.

You can do something similar with GitHub - causefx/Organizr: HTPC/Homelab Services Organizer - Written in PHP

Another way to accomplish what you want to do is with nginx.

Carlo

Carlo,
Thanks, I will have to look at Organizr a bit, it seems interesting. I actually have most of that set up already. The firewall and such aren’t an issue, I already have DDNS set up and a domain (a few actually) set up with records externally and on my internal DNS servers. Externally is less of an issue (firewall does the port mapping and NAT easily enough), it’s the internal traffic that’s the problem. This is why I set up a LB to perform header based routing (for my VMs running multiple services) and port forwarding/NAT (for my services where I can’t specify a port) internally. It did occur to me, however, that my VIP is on a different subnet than my real server (inter-VLAN routing is working fine so I don’t think it’s a routing issue) and this could be a problem as this is the only real server I’ve set up on a different subnet. I will need to explore that option with the vendor I suspect, and/or move the IP of the device to my Virtual Servers subnet from my Wireless, I’m just not sure if that will affect my Roku’s ability to discover it.

Thanks

Make sure to add the other subnets other than the one Plex is sitting on to the option:
Settings/Server/Network/LAN Networks
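
The subnet point in the last reply, as an added example that is not from the thread or from Plex: a Python model of how a "LAN Networks" list decides whether the source address the server sees counts as local. Every address is constructed, and the rule that only the server's own subnet is local by default is an assumption of this sketch.

```python
import ipaddress

def parse_lan_networks(setting):
    """Parse a comma-separated list of 'IP' or 'IP/netmask' entries."""
    nets = []
    for entry in setting.split(","):
        entry = entry.strip()
        if entry:
            # strict=False tolerates host bits, e.g. 10.0.20.5/255.255.255.0
            nets.append(ipaddress.ip_network(entry, strict=False))
    return nets

def classify(source_ip, server_iface, lan_networks=""):
    """Return 'local' or 'remote' for the source address the server sees."""
    addr = ipaddress.ip_address(source_ip)
    # Assumption: the server's own subnet is always local; the list adds more.
    local = [ipaddress.ip_interface(server_iface).network]
    local += parse_lan_networks(lan_networks)
    return "local" if any(addr in net for net in local) else "remote"

# Constructed topology (not from the thread)
SERVER_IFACE = "192.168.30.10/24"   # media server on the wireless VLAN
SOURCES = {
    # What the server sees depends on whether the balancer rewrites the source.
    "same-subnet client": "192.168.30.50",
    "LB rewriting the source (SNAT)": "10.0.20.5",
    "client passed through by the LB": "192.168.10.23",
}

def report(lan_networks=""):
    """Classify every sample source under one LAN Networks value."""
    return {name: classify(ip, SERVER_IFACE, lan_networks)
            for name, ip in SOURCES.items()}

if __name__ == "__main__":
    for setting in ("",
                    "10.0.20.0/255.255.255.0",
                    "10.0.20.0/255.255.255.0, 192.168.10.0/255.255.255.0"):
        print(repr(setting), report(setting))
```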