HAproxy with domain vs DDNS
-
Hi, new to pfsense and wanted to ask a question. What is the benefit of using HAproxy with domain (and subdomain names) for my server such as plex.abcd.com, nextcloud.abcd.com, etc instead of using ddns name and having port forwarded to each of the different IP addresses for sonarr, radarr, nextcloud, plex, etc?
Is one better than the other in terms of security?
I current have a static IP from my ISP because my applications were not working with their dhcp IP, but I like using HAproxy with a domain name. Do I still have to do port forwarding when using domains under NAT?
Thanks
-
The benefit is that you don't need to use port forwarding at all and you only need to have one port open. You can have HAproxy listen on the WAN on port 443 and send requests to the appropriate backend server based on the requested URL.
You don't have to remember what port the services are running on externally just the FQDN.
It isn't necessarily any more secure though. You only have one firewall rule on WAN so you can't apply different rules to each service at the firewall level. Connection limiting, traffic shaping etc.
You still can have HAprxy listen on different ports though if you found you needed that.Steve