this post was submitted on 09 Apr 2026
13 points (93.3% liked)

Selfhosted

59999 readers
799 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
13
Hairpin dns issue (lemmy.world)
submitted 2 months ago by mortalic@lemmy.world to c/selfhosted@lemmy.world
29 comments fedilink hide all child comments
 

I've got Immich working great on Unraid, but if I'm on my network I can't really use it. Just fails to resolve the dns. I looked it up and it's that my router doesn't support hairpin or something. It's a Aginet hb810. I found a workaround in the Immich client where you can add a second entry that's network specific, but it doesn't seem to work very reliably.

What are my options?

you are viewing a single comment's thread
view the rest of the comments
[–] spaghetti_carbanana@krabb.org 1 points 2 months ago

You've got two options I can think of:

  1. As others have eluded, split DNS. You need something handling DNS resolution internally that allows you to add custom records. You'll need to add a record of type "A" pointing to the internal IP where Immich sits.

  2. Since you have Immich published to your public IP, you can use hairpin NAT. This is something that is a lucky dip with routers as to whether it works or not and only some make it configurable. This will allow you to hit Immich via public IP and the router will "hairpin" the traffic out to the WAN interface and back in. This is how I do it so I don't make a spaghetti mess of DNS records.

Failing to resolve DNS doesn't sound like this is actually the problem though. Do you have a domain registered and DNS records pointing to your public IP? Does it resolve fine outside your network? If yes, then something may be wrong on your internal network's DNS resolution.

Also worth noting, if you only just created the records in public DNS then tried to resolve it straight away, they will not have propagated yet and your DNS resolver will cache the "record doesn't exist" result for some time (most I've seen is a couple of hours).