I have a static ip (lets say 142.251.208.110). I own the domain: website.tld My registrar is godaddy. If I want to change my nameserver godaddy won't allow me to enter a static ip. It wants a hostname. I observed that many use ns1.website.tld and ns2.website.tld. I don't understand how this can work because ns1.website.tld would be served by my dns server which is not yet known by others. Do I need a second domain like domains.tld where I use the registrars dns server for serving ns1.domains.tld which I can then use as the nameserver for website.tld? I would like to avoid the registrars nameserver and avoid getting a second domain just for dns. Thank you for your input.

I have two machines running docker. A (powerful) and B (tiny vps). All my services are hosted at home on machine A. All dns records point to A. I want to point them to B and implement split horizon dns in my local network to still directly access A. Ideally A is no longer reachable from outside without going over B. How can I forward requests on machine B to A over a tunnel like wireguard without loosing the source ip addresses? I tried to get this working by creating two wireguard containers. I think I only need iptable rules on the WG container A but I am not sure. I am a bit confused about the iptable rules needed to get wireguard to properly forward the request through the tunnel. What are your solutions for such a setup? Is there a better way to do this? I would also be glad for some keywords/existing solutions. Additional info: * Ideally I would like to not leave docker. * Split horizon dns is no problem. * I have a static ipv6 and ipv4 on both machines. * I also have spare ipv6 subnets that I can use for intermediate routing. * I would like to avoid cloudflare.