VLC can play blurays?

I’m not sure that’s possible on most routers but I’m very much not an expert in networking

I don’t think that’s how it works with my router. I read a bit about DNS failover and the consensus seemed to be that all DNS servers listed should return equal results since requests are spread round-robin between them (at least for mikrotik routers).

You are lucky I haven’t deleted my pi-hole VM yet ;D

In the Pi-Hole DNS settings I have the following configuration:

• Upstream DNS Servers => Quad9 (filtered, DNSSEC) both checkboxes for IPv4 checked
• Under Custom DNS servers I added a line with my routers IP
• Under Interface settings => Permit all origins. Note the warning written regarding this setting and check whether it applies for your setup!
• Under Advanced DNS settings I have enabled “Never forward non-FQDN A and AAAA queries” and “Never forward reverse lookups for private IP ranges”. Since according to the warning this would block local hostname resolution note the next setting.
• Under conditional forwarding I have added this line true,192.168.1.0/24,192.168.1.1,fritz.box. fritz.box was my local DHCP domain name but has since been changed to lan.

The other settings in Pi-Hole were under the Local DNS Records menu where I added my domain name (let’s call it example.com) to the list of local DNS records and pointed it at the IP of the server running my reverse-proxy. Finally I added each subdomain I wanted to use to the List of local CNAME records and pointed it at the domain I just entered to the other list.

I can’t perfectly tell you what my router settings were unfortunately since I have recently moved and replaced my fritzbox with a mikrotik router. The main thing you have to do though is to go to the DHCP server settings of your router and set the pi-holes IP address as the DNS server. Note that in the case of the pi-hole being offline for any reason you will be unable to resolve any domains while in this network

It might be possible to do some sort of failover setup by running a second pi-hole with identical settings but I did not want my network connectivity depending on any device other than my router being on. Hence my move back to using my mikrotiks built-in DNS server which fortunately also supports adding lists for DNS adblocking.

I’m not the guy you replied to but personally I use a setup called split-horizon DNS.

1. I have a DNS server running on a raspberry pi which I have set up as the DNS server for all devices in my local network (by setting it in the router).
2. This DNS server has my domain name as an A record pointing to my reverse-proxy (Nginx Proxy Manager), e.g. example.com would resolve to 192.168.0.100.
3. Any subdomain I want to use is set up as a CNAME record in my DNS server referring to the previously configured A record with my domain. (jellyfin.example.com => example.com)
4. Now all requests to the registered domain and subdomain are routed to my reverse-proxy which I configured to forward them to the correct service depending on the given subdomain.

This is a little bit of a simplification. I also use a cloudflare tunnel to allow access to select subdomains and I have 2 reverse-proxies chained together since NPM can resolve services by their container name as long as they are in the same docker network.

Also probably important: My DNS server was a pi-hole (until today at least) and did not act as my DHCP server. This meant it had no idea of local device hostnames and therefore was configured to forward queries to local device names to my routers built-in DNS server.

The domain I use for my services is one I rent from a registrar so that I can get valid SSL certificates without self-signing them. If you are fine with self-signed certificates or simple http you probably don’t need to do that.

I think I used a Pi 4B, either the 8 or 2 GiB model because that’s what I had lying around.

I never tried a compute module but instead upgraded to a lenovo tiny pc.

Also in my experience the raspberry pi isn’t all that great for a NAS considering you are reliant on using USB hard drives and also need a separate powered USB hub for them

I have also heard that you can bind your hypothetical torrent client to your hypothetical VPN network interface meaning it would be unable to even send out any data if the VPN was not connected.

Or in the case of docker use a prepackaged VPN+Torrent container or pipe all container network traffic through a VPN container like gluetun

I think there was a specific app for google TV which I used. My main problem was probably the lack of a wired connection since the Chromecast doesn’t have an ethernet port

Meanwhile I can’t even use steam in-home streaming to my chromecast because the artifacts and input lag is too bad to use.

Definitely this. There are so many minor things regarding formatting or how something you wrote may sound off to someone else that you generally won’t know or notice wirhout an outside perspective

Huh, guess I was wrong. I was pretty sure the text part alone was that much

wuthout the images obviously

What about NAS systems? I don’t recall seeing any for 10" before

Thanks for the setup tips, especially about the masquerade rule and safe mode.

I’m not too worries about the loss of speed since internet here in germany is on average slower than 250mbps and anything data intensive like access to my Mediaserver should be handled over Ethernet anyway. If it does become an issue I can always throw a second AP at it I guess?

I’m not sure how to find out whether it has two access points. Performancewise I believe the specific model I have selected should be fine.

Thanks. I wasn’t sure about the VLAN thing so that’s one of my main reasons for this post. I will probably buy a VLAN capable router anyway because I am pretty into home automation stuff and the ability to separate the IoT traffic and play around with networking a bit seems nice

I read about the issue regarding the halved connection speed somewhere but I don’t believe that will be an issue. Considering the average internet speeds here in germany are below 250mbps I don’t expect to saturate the WiFi connection even with half speed. Anything data intensive like accesses to my mediaserver will primarily be over ethernet.

I’ve heard about DMZ before but I never knew what it was. That will probably not be an option unfortunately. While I don’t know what router is currently used by the other residents I assume it will be either a FritzBox (which allow some configuration but are mostly idiot proof routers that are very popular here in germany) or a locked down router by the ISP. On neither case will I be able to configure a DMZ.

Regarding the WAN port, I was planning to use the stock RouterOS from MikroTik but I believe that the router can be configured this way already without OpenWRT.

Ah that makes sense. I thought I needed the VLAN to separate my network out from the rest.

I am a bit confused about your last paragraph though where you mention 2 APs. Do you mean my private AP and the AP used by the rest of the apartment or do you mean that I have to get 2 APs?