This year during the New Year, I brought back a DIY small server and set it up at home to create a resource sharing service, allowing family members to store and share some photos and videos taken with their mobile phones. However, since I’m not usually at home, if any issues or failures arise, I need to remotely log into the home server to handle them. So the question arises: how can I bypass multiple layers of networks and access my home server from afar?

The first issue to address is the dynamic IP address problem. Generally, public servers have a fixed IP address, which costs money to obtain. However, my home uses regular telecom broadband, and the service provider is not generous enough to give me a fixed IP for free; instead, they assigned me a dynamic IP address that typically changes every couple of days. For example, if I remember that my home IP is 121.12.21.12 today, I can use this IP for remote access. But after two or three days, it may change to 121.12.21.xx, and I won’t know what my home IP has changed to while I’m away, leaving me completely at a loss.

Of course, as a programmer, I can write a scheduled task on the server that sends me an email with the latest IP address whenever it detects a change in the home IP. This way, every time I want to remotely access the home server, I first check my email to find the latest IP address in the most recent email and then proceed with the operation. But isn’t that quite cumbersome?

This troublesome situation can be resolved using DDNS (Dynamic DNS) services. When we browse the internet, we usually just enter a domain name, and through DNS services, it translates the easy-to-remember domain name into a hard-to-remember IP address, allowing the browser to directly access the corresponding IP. Similarly, I can use a domain like ddns.example.com to point to my home IP address. Whenever my home IP address changes, I can use the DDNS service to update the domain’s pointing IP, so I only need to remember that domain without managing the dynamic IP changes. There are many free DDNS services available online, so if needed, you can search for them.

Next, I also need to address another issue: the internal network penetration problem. Since there are multiple network devices at home, we use a router to isolate the home network into a separate local area network (LAN). We know that hosts within a LAN cannot be accessed directly from the public internet. If I want to access the server inside the LAN from afar, I need to create a hole in the LAN for internal network penetration. The simplest way is to perform port mapping on the router, which most routers support. For example, if I map the router’s external IP (121.12.21.12) port 2222 to the internal server (IP: 192.168.1.3) port 22, then accessing 121.12.21.12:2222 actually means accessing 192.168.1.3:22, thus solving the problem of accessing LAN hosts from the public network.

Finally, I only need to remember to access ddns.example.com:2222 in my remote access tool (SSH) to connect to the home server at 192.168.1.3 on port 22, so I won’t have to worry about the service provider changing the IP anymore!