A couple of questions about internal and external FQDN.

Discussion in '3CX Phone System - General' started by hogan71088, Nov 30, 2015.

Thread Status:
Not open for further replies.
  1. hogan71088

    Joined:
    Nov 30, 2015
    Messages:
    60
    Likes Received:
    3
    Hi All,

    I have one or two questions about creating an internal and external FQDN.

    1. For the external FQDN, can I use a free service such as https://www.changeip.com/ which allows me to choose one of their subdomains for free and map it to an external IP address.

    2. Is there many on here that use Pfsense or TinyDNS to resolve their internal FQDN, I assume not everyone uses the Windows server platform.

    Thanks.
     
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,586
    Likes Received:
    252
    I have only recently installed version 14 on a PC. i was rather dismayed that it is now assumed that you have a static public IP and Domain name, and use an internal FQDN. I can see this as being a drawback for small businesses that have no need of the added expense of a static IP from their ISP. I use a DDNS service externally, which has served me well up to this point. I'm not certain of all of the implications of moving ahead with what I've got to work with, but, as time allows, I will see what happens.

    I assume that one work-around for the internal FQDN would be a router that intercepts that particular DNS request and replies with the internal IP of the 3CX server, using DD-WRT allows that, I believe. We'll see what happens. On a positive note, I did get the (really old) 3CX Skype gateway to work (it seams).
     
  3. hogan71088

    Joined:
    Nov 30, 2015
    Messages:
    60
    Likes Received:
    3
    Thanks for your reply, it's definitely not ideal that you need to have an internal DNS server, a static IP and the fact that you can't use a domain name with a dynamic dns update client rather than the IP.

    Anyone else chime in?
     
  4. 12494

    12494 Member

    Joined:
    Apr 16, 2010
    Messages:
    292
    Likes Received:
    25
    The router thing with dd-wrt does work - for providing the internal FQDN if you are not running a Windows DNS locally.

    Allen
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. TSDKen

    Joined:
    Sep 29, 2008
    Messages:
    33
    Likes Received:
    0
    Hoping someone could explain the reason why we can longer use a domain name in V14? I have been using DynDNS quite successfully for several years before v14 came out.

    Also, looking for some specific information regarding DDWRT for FQDN if someone can point me in the right direction.

    Thanks,

    Ken
     
  6. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,283
    Likes Received:
    68
    Just thought I'd pitch in here, since V14 SP1 installer was released, during the installation you get 3 options, "Split DNS", "External FQDN and Local FQDN" and "I do not have an FQDN".

    If you choose option "External FQDN and Local FQDN" you can either have 2 FQDNs, one external and one internal, or you cn have an External FQDN and instead of the internal FQDN you can enter the Local IP of the server.

    This was something that was actually changed after user requests after the initial release of V14 (before SP1).
     
  7. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,586
    Likes Received:
    252
    It may have been the SP that I had originally tried installing, or the install options may not have been quite as clear as in previous 3CX versions. Glad to hear that the option for a dynamic IP used with a DDNS service is still there.


    Is this the sort of thing you are looking for?

    https://www.dd-wrt.com/wiki/index.php/DNSMasq_Local_Network

    Keep in mind that DD-WRT (and Tomato), are firmware loads that replace the original router firmware on COMPATIBLE makes/models. There are some very good, inexpensive models out there, that can be used, many can be found at places like Goodwill for a couple of dollars. If you are new to this, it's probably best to go the least expensive route to begin with. If it doesn't work the way you expected, you won't be out-of-pocket by much. I have a preference for the D-Link DIR-615. (D-link even offers a free DDNS service for it's models) They are usually readily available used, and offer a lot of features with a new firmware load. Security, at a corporate level, may not be up to everyone's standards so do your research. They don't offer "A" band wireless but an add-on Access Point would fix that, if required. The firmware sites should provide a list of compatible models. You may have an old one sitting around already.
     
  8. 12494

    12494 Member

    Joined:
    Apr 16, 2010
    Messages:
    292
    Likes Received:
    25
    I use some other router firmware that is an alternative to DDWRT - called Tomato - of all things. Even furthermore, there is some modified versions of this and I use the one referred to as Toastman. In this GUI, in addition to using a command line interface to create the DNS mapping you can also do it via GUI.

    You can get in touch with me if you want more details.

    Allen
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. uptime1

    uptime1 New Member

    Joined:
    Jan 13, 2012
    Messages:
    112
    Likes Received:
    30
    Hi Nick,

    For clarity, I want to emphasize that I mostly do multi-tenant installations of 3CX...

    I'm confused. I would absolutely love to use a local IP address instead of a FQDN! This would allow us to easily deploy v14 without the hassle of setting up a local DNS server to resolve the FQDN (which, while I understand the need for the FQDN (to segregate access to different tenants), it's a complete PITA to have to layer on more infrastructure. It's particularly painful at smaller installations which are the majority of 3CX prospects.

    In the three options you mentioned, are you referring to the single instance install or multi-tenant install? I don't see the "I do not have an FQDN" in the v14 SP2 multi-tenant install.

    Thanks!
     
  10. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,283
    Likes Received:
    68
    The 3 options apply for the Single Instance only, sorry for not clearing that up before.
    For Virtual PBX (Multi-Instance) installations Split DNS is enforced and you don't have the other 2 options.

    For smaller installations though I would Imagine you would either:
    a) Put an on premise installation that would be a single-instance which would give you the 3 options.
    or
    b) They would prefer a hosted PBX in which case the they would be remote to the PBX in which case you agree that an external FQDN is necessary to segregate access to different instances.

    To clear one more thing up, if you do a Virtual PBX (Multi-Instance) installation and the server is behind a NAT (has a private IP, not public interface) and you are not planning on having local extensions any of the instances (extensions on the same LAN as the Virtual PBX server), then you do not need to setup a Local DNS. You only need to setup Split DNS on Virtual PBX installations when you are planning on having local extensions that are either on the same physical LAN as the Virtual PBX server or if the extensions are connecting over a VPN connection so again, essentially the are interacting directly with the servers private IP.
     
  11. TSDKen

    Joined:
    Sep 29, 2008
    Messages:
    33
    Likes Received:
    0
    Maybe I am missing something, but when I try to install v14, it does not allow a domain name and clearly states that a services such as DynDNS are not supported. Obviously a static IP is preferable, but why should DynDNS be blocked? This worked flawlessly in the past and I do not see why it should be different moving forward.
     

    Attached Files:

  12. hogan71088

    Joined:
    Nov 30, 2015
    Messages:
    60
    Likes Received:
    3
    I'd love to know this answer also. I have a test setup at home where the IP address changes all the time. I have a dynamic dns domain that updates anytime my IP address changes but it can't be used with 3cx...
     
  13. TSDKen

    Joined:
    Sep 29, 2008
    Messages:
    33
    Likes Received:
    0
    Let me add that if DynDNS continues to be blocked, I will be forced to look at alternatives such as FreePBX.
     
  14. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,283
    Likes Received:
    68
    It all comes down to the fact that if the 3CX Phone System has anything to do with the outside, like VoIP Providers, Remote Extensions, etc, it needs a Static Public IP, it will not work reliably with a Dynamic IP.

    Also for a guide on how to go through the Single-Instance Installation you can also refer to the manual which outlines most of the procedure:
    http://www.3cx.com/docs/installing-3cx/#h.7lgcpd5rel6n
     
  15. TSDKen

    Joined:
    Sep 29, 2008
    Messages:
    33
    Likes Received:
    0
    Nick, I really love 3cx. I am a small business owner and Networking and VOIP are just one of the many hats I wear on a daily basis. After years of struggling with trixbox, everything simply works better and is easier with 3cx. I would just ask (plead) with you to not force people into paying for a static IP. As I have mentioned, I have run 3cx flawlessly on a dynamic IP for years using DynDNS. I am struggling to understand why this is such a bad idea? Maybe static IPs are common place in Europe, but my Business Comcast account with static IP would cost significantly more and I cannot even get a static IP at my house. For whats its worth, my SIP provider (nexvortex) has no problem with me providing a DynDNS domain (vs. static IP).

    Thanks,

    Ken
     
  16. lneblett

    lneblett Well-Known Member

    Joined:
    Sep 7, 2010
    Messages:
    2,064
    Likes Received:
    58
    Out of curiosity, has anyone simply tried to use a DDNS name in the external FQDN field? While not supported, I do not recall seeing anything about it being blocked, but I could be incorrect. I would discourage its use as well, but I do indeed understand why it is desired.

    On the other hand, I have some clients that have no option but to use DSL for their connectivity. AT&T has the audacity of offering static IPs, but only if you subsribe to their highest level of service. Unfortunately, the distance from the CO is too far for most clients to get the highest level, so they still can't get a fixed IP (even after offering to pay and beg). I am forced to use analog gateways so, I feel your pain.

    Just curious.
     
  17. jpillow

    jpillow Well-Known Member

    Joined:
    Jun 20, 2011
    Messages:
    1,342
    Likes Received:
    0
    @TSDKEN- we more clients using Comcast coax cable with no static IP as we sale alot of Comcast services, althoguh you may have a dynamic IP with comcast it will very rearely change the only instance I've ever seen in this is when there is new equipment on site ie Comcast modem... I worked home using Comcast internet for years up unti maybe a 1 year ago and I can literally recall the three times my iP changed twice of which were times I moved. I wouldnt be worried at all about using the dynamic and an FQDN that doesnt mean your IP wont change ever but its not goin to be something evnen remotely close to a common occurnacne and if it does its a simply 3 minutes change in 3cx. Maybe I think you are worried a bit mroe than you should be, I can assure you if you like the ease with whcih you can manage 3cx you will be in for a rude awakening by moving to FreePBX especially if you don't truly know Linux. FreePBX is easy to turn up and use but a pain in the ass to trouble shoot if you dont really know Linux.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,283
    Likes Received:
    68
    Seeing that this thread has caught some attention, I though I should update it.

    In SP3 of V14, the functionality that was there on previous versions has been restored to a big extent in regards to having a Dynamic IP. If you now go to the Management Console -> Settings -> Network -> "Public IP" tab, you can uncheck the "Disable STUN" option and the Phone System should now try to resolve its Public IP against the STUN servers dynamically. Note though that as opposed to previous versions, this will not be done on every single external call, but rather it is done at 20-minute intervals (default). You can I believe though change the interval from the "Parameters" by adjusting the value of the "STUNTCHECK" variable.

    The above means that theoretically you should be able to use DDNS services assuming that the service is also updated correctly with the Public IP you have.

    Keep in mind though that despite this, 3CX still does not recommend using DDNS services and Dynamic Public IPs on production systems.
    Also this has not been extensively tested as it is not a recommended setup.
     
  19. petewatterschats

    petewatterschats New Member

    Joined:
    Jan 19, 2016
    Messages:
    151
    Likes Received:
    0
    I am new to 3CX and PBX Systems but it has become an issue since non phones, devices like Intercoms, Cameras door bells ect are requiring SIP Servers so I am learning.

    FQDN

    The documentation seems to imply that External FQDN/Internal FQDN is different than Split DNS but to me they are one and the same. If someone has a different understanding I would appreciate hearing from you.

    DNS

    Now to DNS, I purchased a license for a DNS and DHCP Server from "Simple DNS Plus" for $79 so I would have an internal DNS server. I could never find a router that offered a DNS capability and did not want to deal with the DD-WRT option because I did not want the potential increase in support costs because of changing unsupported firmware.
    I have not completed all my tests on the DNS server so I am not recommending it, it is just something I found on the Internet. It has a DHCP Server capability that allows for assignment of specific IP Addresses to specific MAC addresses. These capabilities have some advantage with other systems not related to 3CX.
    It works fine on the Local Private Network and From the Public Side – tested it with a remote iPad.

    Dynamic DNS

    The External FDQN just points to the Public Address so if this is resolved why and what problems can occur because Dynamic DNS is used. You are required to put in a Public IP Address when you set up the 3CX Server

    Static Public IP

    Settings – Network – Public IP

    Here you cannot put in a FQDN but must enter an IP Address with no Sub Netmask or default route. There also is a Private IP address for the 3CX Server local/private side
    My question is how is this used or is it used at all, were just pointing at an address for the 3CX Server.
    Any insight would be appreciated
     
  20. cfive

    cfive Member

    Joined:
    Aug 20, 2009
    Messages:
    284
    Likes Received:
    5
    Split DNS really smooth's the transition between lan and wan so far as endpoints that may travel between the two. If you don't have mobile devices, nor any use for endpoints on the WAN side, you won't care.

    For features like webrtc, etc, using SSL, you need a certificate. You can't get a certificate for an IP address - it must be a FQDN. If you don't want to use such features, you don't care.

    3CX can function just fine with all endpoints on the LAN only, without DNS records - IP addresses will suffice. But you give up a whole lot of features and convenience by not understanding and using DNS. This isn't a 3CX thing, DNS is a pillar of IP connectivity.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.