I followed this tutorial to set up local domain names with SSL-certificates using DuckDNS: https://notthebe.ee/blog/easy-ssl-in-homelab-dns01/

I have three local domains for my Nginx Proxy Manager running on a VPS, for my self-hosted Nextcloud and my Proxmox-WebGUI both running on my local Homeserver. They follow the scheme service.dataprolet.duckdns.org.

Now I use Uptime-Kuma to monitor my services including the three domains and for some reason those three domains constantly time out after 48 seconds. I already set up the retries to 3, but to no avail.

I also use Pi-hole and Unbound and thought that might be an issue, but testing my DNS using dig, mtr, traceroute, nslookup and host all returned normal values and no errors.

Does anybody have any idea what could cause this? I’m kind of clueless at this point. Thanks in advance!

EDIT: I don’t get it.

  1. I can’t ping duckdns.org on my home server. I only get 100 % packet loss. I can open the website in my browser though. I also can’t ping www.duckdns.org, which redirects to appservers-duckdns-prod-1630339571.ca-central-1.elb.amazonaws.com. Also gets 100 % packet loss.
  2. I’ve added duckdns.org to my Uptime-Kuma and it got flagged as down because timeout of 48000ms exceeded but my other domains using DuckDNS were unaffected.
  3. I added another local domain to Uptime-Kuma to see the differences of having ignoring SSL errors turned on or off and the number of retries:
  • Nextcloud
    • Ignore SSL error = false
    • Retries = 2
  • Proxmox
    • Ignore SSL error = true
    • Retries = 1
  • VPS
    • Ignore SSL error = false
    • Retries = 1
  • Homepage
    • Ignore SSL error = true
    • Retries = 2

Throughout the day only the newly added Homepage got flagged as down 5 times. The 3 others were up the whole time.

  • rearview@lemmy.zip
    3 days ago

    Could not resolve host

    Then I guess you only define an A record in the DuckDNS panel. That’s fine.

    A while back I ran a somewhat similar WireGuard tunnel and couldn’t connect. Turns out some MTU settings were lower than Docker’s MTU and that breaks big packets like SSL handshakes. Restarting makes it work fine until things start congesting again.

    Suffice it to say, this would be something I’ll look at if the SSL errors reoccur.

    • Dataprolet@lemmy.dbzer0.comOP
      19 hours ago

      So the MTU of Tailscale is actually 1280, but is the connection even going through the VPN or rather through my VPS, when Uptime-Kuma is trying to connect to my local domain?

      • rearview@lemmy.zip
        16 hours ago

        It shouldn’t go through the VPN although idk how to verify that. Do you still have the timeout errors in your monitors? What do those errors say?

    • Dataprolet@lemmy.dbzer0.comOP
      2 days ago

      Thanks, since I access my home network and server through the public IPv4 of a VPS via Tailscale this could actually be the issue. I’ll look into it, when I find the time.
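
The two open questions in this thread, which interface the monitor's traffic leaves through and whether that interface's MTU is lower than Docker's, can be read from `ip route get <address>` and `ip -o link show`. The following is an added example, not code from any poster: it parses constructed sample output of both commands, and `docker0`, the addresses and the idea that the monitor runs in a Docker container are assumptions.

```python
import re

# Constructed sample of `ip -o link show` (not taken from the hosts in this thread).
LINKS = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000\\    link/ether 52:54:00:00:00:01 brd ff:ff:ff:ff:ff:ff
3: tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN mode DEFAULT group default qlen 500\\    link/none
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default\\    link/ether 02:42:00:00:00:01 brd ff:ff:ff:ff:ff:ff
"""
# Constructed samples of `ip route get <address>` for a tunnel peer and a public host.
ROUTE_VIA_VPN = "100.64.0.5 dev tailscale0 table 52 src 100.64.0.1 uid 1000 \n    cache \n"
ROUTE_DIRECT = "203.0.113.10 via 192.168.1.1 dev eth0 src 192.168.1.20 uid 1000 \n    cache \n"


def egress_dev(route_get_output):
    """Interface the kernel picked: the token after 'dev' in `ip route get`."""
    m = re.search(r"\bdev\s+(\S+)", route_get_output)
    return m.group(1) if m else None


def link_mtus(link_output):
    """Map interface name -> MTU from `ip -o link show` (drops '@peer' suffixes)."""
    mtus = {}
    for line in link_output.splitlines():
        m = re.match(r"\d+:\s+([^:@\s]+)(?:@\S+)?:.*?\bmtu\s+(\d+)", line)
        if m:
            mtus[m.group(1)] = int(m.group(2))
    return mtus


def check_path(route_get_output, link_output, container_iface="docker0"):
    """Report the egress interface and flag an MTU lower than the container side's."""
    dev = egress_dev(route_get_output)
    mtus = link_mtus(link_output)
    if dev not in mtus or container_iface not in mtus:
        raise ValueError(f"interface not found: {dev!r} / {container_iface!r}")
    return {
        "egress": dev,
        "egress_mtu": mtus[dev],
        "container_mtu": mtus[container_iface],
        # Largest IPv4 TCP payload per packet: MTU - 20 (IP) - 20 (TCP), no options.
        "max_tcp_payload": mtus[dev] - 40,
        # The condition described in the comment above: path MTU below Docker's MTU.
        "mismatch": mtus[dev] < mtus[container_iface],
    }


if __name__ == "__main__":
    for label, route in (("vpn", ROUTE_VIA_VPN), ("direct", ROUTE_DIRECT)):
        print(label, check_path(route, LINKS))
```

On a real host, feed it the output of `ip route get` for the address the monitored name resolves to, run from the same network namespace as the monitor.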