Routing a domain name to my home? Use a ddns subdomain or..?

Hi folks,

Thanks for such an excellent service!

I have a domain which I’m now managing via, and have separately set up a desec subdomain ( to forward traffic to my home setup using the ddclient service built into OPNSense.

My question is, what is the correct way to start forwarding web traffic for my ‘real’ domain to a site I’m hosting locally? Is it possible to set up a second instance of ddclient pointing at that real domain, and your service will take care of updating my A record? Or should I be forwarding that real domain to a subdomain of

Sorry for the probable noob question; very excited to start hosting my web sites from home!



Hi Ian,

First of all the term route is somewhat misleading here. deSEC is a DNS service. It deals (mainly) with translating hostnames to IP addresses.

In the networking world the term route is usually used for the ISO layer 3 process of directing IP packets to the correct destinations. DNS is not involved in this at all.

The way I understand your question is that you want to run a web server at home and use hostnames from your real domain?

Let’s call this real domain here. So e.g. should point to, which is updated to contain the correct A record when your public IP at home changes, correct?

You can do this by defining a CNAME pointing to Likewise for any other subdomains in that you want to point to your home.

The only caveat is that you can not use a CNAME at the domain apex, i.e. Solutions for this may partially exist. But they may require the support of the web clients and add a certain amount of complexity to the setup. It would advise against trying to solve that problem if you don’t have a really pressing need to do so.

You could also use a DDNS client to update records directly in but you should then ask for the minimum timeout (TTL) for the domain to be reduced to one minute. (This is something subdomains get automatically. But for other domains the default is 1 hour.) If you choose this path then you may not even need the domain.
See: Domain Management and look for minimum_ttl


1 Like

Or run “ddclient” on your host wich is hosting your site to update the AAAA and the A record!

OSI != ISO :wink:

That’s not needed. The dynDNS update interface used by DDNS clients is not subject to a domain’s minimum_ttl field.

Stay secure,

1 Like

Oops, my bad! Thanks for the correction.

Cool, I didn’t know that. Should cut down on support requests :wink:

@diem This would make it even easier to just set up your Internet router to update your main domain ( directly — unless there is some other reason for wanting to use


Thanks gentlemen for the cogent explanations!

Indeed I’ve no reason to send traffic via - this was just my ignorance based on what I had set up before.

I’ve added a ddns config in OPNSense for the domain and I’m now hosting from my home a site I first published over 20 years ago. The internet is a wonderful thing :slight_smile: