No access to nohost.me from the outside

A big hello to the community. I an new to Yunohost and really enjoyed the installation and first test run of my server. Unfortunately I ran into some problems when i decided to install a fresh version into my old PC which I have at home. Every device at home is behind a VPN client (from a VPN company) installed in my router.
So, I installed everything fine, registered a nohost.me name using the automatic method through the web interface.

THe problem i get is that I cannot access the domain from the outside. The domain is registred on the Dyndns but when i type the web address i chose, nothing is happening.
From the local network I have access perfectly, plus i can download any application i want from the desktop-server. Please find below my setup:

My YunoHost server

Hardware: Old laptop or computerat home / OpenVPN client installed in router
YunoHost version: 3.6
I have access to my server : Through SSH | through the webadmin | direct access via keyboard / screen | …
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : yes. I have disabled ipv6 since i tought this was causing the issues (log below)

Update the ip associated with your YunoHost subdomain ΧΧΧΧΧΧΧΧΧ (not the real address).nohost.me

2019-09-05 23:32:03,373: INFO - Updated needed, going on…
2019-09-05 23:32:03,816: DEBUG - Could not get public IPv6 : Invalid url https://ip6.yunohost.org (does this site exists?)
2019-09-05 23:32:03,819: DEBUG - system hook folder not found for action ‘custom_dns_rules’ in /usr/share/yunohost/hooks/
2019-09-05 23:32:03,819: DEBUG - custom hook folder not found for action ‘custom_dns_rules’ in /etc/yunohost/hooks.d/
2019-09-05 23:32:03,820: DEBUG - Now pushing new conf to DynDNS host…

; Basic ipv4/ipv6 records
@ 3600 IN A 185.181.100.203

  • 3600 IN A 185.181.100.203

; XMPP
_xmpp-client._tcp 3600 IN SRV 0 5 5222 ΧΧΧΧΧ.nohost.me.
_xmpp-server._tcp 3600 IN SRV 0 5 5269 ΧΧΧΧ.nohost.me.
muc 3600 IN CNAME @
pubsub 3600 IN CNAME @
vjud 3600 IN CNAME @

; Mail
@ 3600 IN MX 10 ΧΧΧΧΧΧ.nohost.me.
@ 3600 IN TXT “v=spf1 a mx ip4:185.181.100.203 -all”
mail._domainkey 3600 IN TXT “v=DKIM1; h=sha256; k=rsa; p=A biiiiiiiiig key”
_dmarc 3600 IN TXT “v=DMARC1; p=none”

; Extra
@ 3600 IN CAA 128 issue “letsencrypt.org

In order to reach the server from the outside, i have opened a specific port through my VPN provider since the IP address i am given is shared. This port forwarding i tested that is reachable when I have a service listening to that port (this test was prior of installing Yunohost).

I should note that in my first attempt to get ot know Yunohost i installed it in an another location that was not behind VPN and everything was perfectly fine even with the Lets encrypt certificate. I could access everything from the outside. When i brought the same pc at home though, i got the same messages above.

I read in a recent forum post that some people had similar issues and it seemed that the name was not registering somewhere i think…
Please also note that I am a newbie to this self hosting thing and limited experience, so please be gentle! :slight_smile:

I appreciate your help.

Best regards!


Hey @HoldMyGin,

You mean, while in the local network, you can access the nohost.me domain? Or you mean the local IP address behind the router?

Have you tried something like mtr to see where your packets go and until which hop they arrive on when trying from inside / outside the network?

Same for me, it has to come from their API

Hi @decentral1se,

Thanks for your reply. I mean i can access the server from my local network via the local ip the server has, eg 192.168.x.x.
Yes I have done an mtr and the result i get is : unknown host…

@MoDzCatZ Hi. Are you saying that you are having the same issue?

So can you check using https://www.whatsmydns.net/ that your domain points to the right IP ? (Also maybe do the check for IPv6 / AAAA records in case you have IPv6 involved)

Yes I have tried this. All results come back with X. As if the domain isn’t pointing anywhere. Also tried to check dyndns and said that the name is registered…
I mean shouldn’t this process be automatic since I used a nobody.me name?
How can I manually do the allocation of the domain in a specific IP?

Hmmm so when you run yunohost dyndns update it triggers the update of the domain which starts with the log you posted :

So what happens at the end ? Did you paste everything there is when running this command ?

Hi Aleks,

I noticed, when i restarted the server, that there was an error message that the dnsmasq (something like that) service could not start or initiate.
Further to your question above, when i ran the yunohos dyndns update there is also two lines at the end of the log saying : Update failed : NOTAUTH (BADKEY), and TSIG error with server: tsig indicates error’ and also another error saying Unable to update IP address on DynDNS.

And this is the log from the dnsmasq

Sep  8 19:31:08 xxxxxxxx systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Sep  8 19:31:08 xxxxxx dnsmasq[15409]: dnsmasq: syntax check OK.
Sep  8 19:31:08 xxxxxx dnsmasq[15412]: dnsmasq: failed to create listening socket for port 53: Address already in use
Sep  8 19:31:08 xxxxxx dnsmasq[15412]: failed to create listening socket for port 53: Address already in use
Sep  8 19:31:08 xxxx systemd[1]: dnsmasq.service: Control process exited, code=exited status=2
Sep  8 19:31:08 xxxxx dnsmasq[15412]: FAILED to start up
Sep  8 19:31:08 xxxxxxx yunohost-api[551]: Job for dnsmasq.service failed because the control process exited with error code.
Sep  8 19:31:08 xxxxxxx yunohost-api[551]: See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
Sep  8 19:31:08 xxxxxx systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.
Sep  8 19:31:08 xxxxxxx systemd[1]: dnsmasq.service: Unit entered failed state.
Sep  8 19:31:08 xxxxxxx systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
Sep  8 19:31:16 xxxxxx yunohost-api[551]: Synchronizing state of dnsmasq.service with SysV service script with /lib/systemd/systemd-sysv-install.
Sep  8 19:31:16 xxxxxxx yunohost-api[551]: Executing: /lib/systemd/systemd-sysv-install disable dnsmasq
Sep  8 19:31:16 xxxxxx systemd[1]: Reloading.
Sep  8 19:31:16 xxxxxxx systemd[1]: apt-daily-upgrade.timer: Adding 13min 29.663856s random time.
Sep  8 19:31:16 xxxxxx systemd[1]: Reloading.
Sep  8 19:31:16 xxxxxx systemd[1]: apt-daily-upgrade.timer: Adding 56min 40.146588s random time.
Sep  8 19:31:16 xxxxx systemd[1]: Reloading.
Sep  8 19:31:16 xxxxxxx systemd[1]: apt-daily-upgrade.timer: Adding 6min 11.761146s random time.
Sep  8 19:31:19 xxxxxx systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Sep  8 19:31:19 xxxxxxxx dnsmasq[15507]: dnsmasq: syntax check OK.
Sep  8 19:31:19 xxxxxxx dnsmasq[15510]: dnsmasq: failed to create listening socket for port 53: Address already in use
Sep  8 19:31:19 xxxxxxxx dnsmasq[15510]: failed to create listening socket for port 53: Address already in use
Sep  8 19:31:19 xxxxxxxsystemd[1]: dnsmasq.service: Control process exited, code=exited status=2
Sep  8 19:31:19 xxxxxxx dnsmasq[15510]: FAILED to start up
Sep  8 19:31:19 xxxxx systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.
Sep  8 19:31:19 xxxxxx systemd[1]: dnsmasq.service: Unit entered failed state.
Sep  8 19:31:19xxxxxx yunohost-api[551]: Job for dnsmasq.service failed because the control process exited with error code.
Sep  8 19:31:19 xxxxxxx yunohost-api[551]: See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
Sep  8 19:31:19 xxxxxx systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
Sep  8 19:31:22 xxxxx yunohost-api[551]: Synchronizing state of dnsmasq.service with SysV service script with /lib/systemd/systemd-sysv-install.
Sep  8 19:31:22 xxxxxx yunohost-api[551]: Executing: /lib/systemd/systemd-sysv-install enable dnsmasq
Sep  8 19:31:22xxxxxxx systemd[1]: Reloading.
Sep  8 19:31:22 xxxxxx systemd[1]: apt-daily-upgrade.timer: Adding 1min 51.256192s random time.
Sep  8 19:31:22 xxxxxxx systemd[1]: Reloading.
Sep  8 19:31:22 xxxxxx systemd[1]: apt-daily-upgrade.timer: Adding 30min 13.660636s random time.
Sep  8 19:31:22 xxxxxxx systemd[1]: Reloading.
Sep  8 19:31:22xxxxxxx systemd[1]: apt-daily-upgrade.timer: Adding 58min 39.609964s random time.
Sep  8 19:31:28 xxxxxx systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Sep  8 19:31:28 xxxxxxx dnsmasq[15609]: dnsmasq: syntax check OK.
Sep  8 19:31:28 xxxxxxxx dnsmasq[15612]: dnsmasq: failed to create listening socket for port 53: Address already in use
Sep  8 19:31:28xxxxxxx dnsmasq[15612]: failed to create listening socket for port 53: Address already in use
Sep  8 19:31:28 xxxxxx systemd[1]: dnsmasq.service: Control process exited, code=exited status=2
Sep  8 19:31:28 xxxxxxx dnsmasq[15612]: FAILED to start up
Sep  8 19:31:28 xxxxxxx systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.
Sep  8 19:31:28xxxxxxsystemd[1]: dnsmasq.service: Unit entered failed state.
Sep  8 19:31:28 xxxxxx yunohost-api[551]: Job for dnsmasq.service failed because the control process exited with error code.
Sep  8 19:31:28 xxxxxx yunohost-api[551]: See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
Sep  8 19:31:28 xxxxxxxx systemd[1]: dnsmasq.service: Failed with result 'exit-code'.

Ok, to narrow down few things:
I think that the public address I am getting from my VPN provider cannot be accepted (?) from DynDns services?
Because when I plug the server to the ISP modem the IP is updated and everything works fine.
So does this DynDns service blacklists some IPs?

Uh not really …

Hmmmm dunno why this happens … maybe we can try to re-subscribe the domain … For this we need to delete it from our infrastructure, then you can run

rm -rf /etc/yunohost/dyndns
rm /etc/cron.d/yunohost-dyndns

Then

yunohost dyndns subscribe -d yourdomain.nohost.me