I set up port forwarding as well as dynamic DNS. Everything works as expected when connecting to servers on my local network using that DNS name and port number when connecting externally. I can connect from outside my home network. I can of course also connect to the servers on my local network using their local IP address.
However, I cannot connect to them from my local network when using the DNS name (or external IP address). My understanding is this should work due to a feature called NAT hairpinning or NAT loopback.
I can verify that NAT loopback works on the (older) RBR50 Orbi. Some possibilities come to mind:
What port is being forwarded? I have a vague memory of certain ports being "special" to the Orbi router. (my memory is not that great. On my RBR50 the 'drop down' menu for port forwarding includes http (80) does not include https(443). Are you trying to forward 443? i.e. does the specific port number make a difference?
What DNS service is being used to resolve DNS names? I just now attempted to reproduce this error on my RBR50, by forwarding port 80 to one of my Pi-hole servers. My PC is not using Orbi to resolve DNS. (using CloudFlare and Google instead). Got some goofy error message that access to http://<my-DDNS-name> was denied. What this appears to be was that somehow the DDNS request got 'NAT-looped' to my Pi-hole, which threw a fit. I swear that I have done this exact experiment before to demonstrate that NAT-loopback 'works'. Now, I am confused (and unhappy).
Can the problem be duplicated on another Orbi 750? Alas, only some nice volunteer who watches the forum and has a 750 could do this.
The 750 firmware may be broken. There have been plenty of issues raised about the 750 firmware. This might be yet another problem. (Do I remember correctly that there is 'beta' firmware going around for the 750?)
Frustrating that I have only the RBR50. I forwarded port 80 to my Pi-hole, then opened http://<<my public IP> on two Windows computer a smartphone, and a tablet attached to the Orbi WiFi. All of them immediately brought up the Pi-hole web page.
Now..... how did this happen? Was it
The request went out to the internet through the ISP and then came back through the ISP to my public IP and was forwarded to the Pi-hole? or....
The Orbi recognized the public IP and did a NAT loopback?
My guess is the way to determine this is to do a packet capture and compare wan.pcap file against lan.pcap file to see if that traffic ever left the Orbi. I promise to do that tomorrow.
However, attempts to bring up the Pi-hole using the DDNS failed every time with an error that the Pi-hole needed to be whitelisted. I whitelisted the DDNS URL, but the error remained.
I am beyond frustrated. IP works from the local LAN. DDNS does not work from the LAN. (IP worked from a smartphone using LTE data and failed using DDNS. Now, I don't know if this is related to Pi-hole, Orbi.... or what.)
What a dismal situation. Guess I need to set up another service to test in addition to Pi-hole.
I can now confirm that both DDNS and IP works with my Orbi RBR50. Rather than forwarding port 80 to Pi-hole, I forwarded port 80 to my Epson printer, which has a web interface. With a browser on my PC, http://<DDNS> works. http://<public IP> works.
It might be worth a few minutes to confirm that the public IP being used by DDNS is the IP that the Orbi reports on the Advanced Tab, Internet panel for IP Address. This is easy to do. Connect to any of the "what is my IP address?" web sites and compare the IP that they return against the Orbi.
I also like to use a web site to confirm "is this port open?", such as Gibson Research Shield's Up! https://www.grc.com/shieldsup
So far, I am down to two alternatives:
Port forwarding may be set up on the Orbi, but it is behind another router and does not have the true public IP. This means that NAT loopback cannot work. Or...
Your Orbi does not work like my Orbi. This is such a basic part of the code that it seems unlikely. but.....???
Connected web browser (Edge) on PC to http://DDNS (secretname.mynetgear.com)
The printer management page displays. (It takes a bunch of GETs and responses to display one web page. sheeesh.)
The WAN capture includes zero HTTP packets from the internet to the router. (This is to be expected because no one on the web should expect me to be hosting a web site.)
The LAN capture includes zero packets (of any kind) directly between the PC and the printer. (I was not printing anything.)
The LAN capture includes all of those HTTP GETs from the Orbi router to the printer and bunches of packets from the printer back to the router..
My conclusion is the NAT loopback is working as expected. The PC thinks that secretname.mynetgear.com is "out there" somewhere and sends HTTP packets to the router. The router responds with HTTP information that it got "from somewhere", but none of those packets went farther than the router.
My money is still on one of two possibilities:
There is a Double NAT which prevents port forwarding and NAT loopback, or
