Bonjour & DDNS= exposed to WAN?

[markc6123]

Greetings. I run Plex on an Nvidia Shield TV, which accesses the NAS for files. I can't access the NAS files via Plex outside the LAN unless DDNS is enabled under network & virtual switch on the NAS.
I use XYPlorer as a replacement for Windows 10 file explorer. XYPlorer can't see the NAS files unless Bonjour is enabled on the NAS. (although Windows file explorer can). UPNP is disabled on router and NAS.
With Bonjour and DDNS enabled am I exposed to the WAN?
If DDNS does expose the NAS to WAN, if I assign a static IP to the NAS will that let me disable DDNS?
Thanks in advance.
-Mark

NAS TS-231P firmware is 4.5.1.1480

[dolbyman]

Why would you use DDNS if you do NOT want to expose any device in your LAN (or a dedicated VPN appliance) to WAN ?

Be very carefull what you expose and have external backups at all times... ransomware is on the hunt

[jaysona]

If you want to access plex from the Internet, ddns is not required. Don't use QNAP DDNS stuff at all, just stay away.

For plex access from the Internet you just need to port forward tcp 32400 to your NAS, set your NAS up with a static IP and not DHCP. If you do not use a static IP, then your NAS could be given a new IP address, which would mean the original port forward is no longer working. This is why many people use DDNS and UPnP, it's the lazy (and insecure) way to make things work.

I have no answer for the XYPlorer question, other than it clearly does not know how to properly view SMB/CIFS shares, you may need to tweak the SMB settings somewhere, you should not need to use bonjour to browse files.

[markc6123]

Thank you for the response, very helpful AND it answered my question. Plex is already port forwarded on router but for some reason it failed without the DDNS on NAS turned on, the port is forwarded to the Shield since that's what's running Plex, not the NAS. Would I need to forward the port to the NAS as well? I'll try again and maybe reboot the shield for good measure.
Edit- I just tried Plex again from outside the LAN after setting static IP's for Shield and NAS and now it seems to work fine, thanks again.

If you want to access plex from the Internet, ddns is not required. Don't use QNAP DDNS stuff at all, just stay away.

For plex access from the Internet you just need to port forward tcp 32400 to your NAS, set your NAS up with a static IP and not DHCP. If you do not use a static IP, then your NAS could be given a new IP address, which would mean the original port forward is no longer working. This is why many people use DDNS and UPnP, it's the lazy (and insecure) way to make things work.

I have no answer for the XYPlorer question, other than it clearly does not know how to properly view SMB/CIFS shares, you may need to tweak the SMB settings somewhere, you should not need to use bonjour to browse files.

[markc6123]

Exactly what I'm trying to do. I've never messed with DDNS or bonjour settings before which is why I asked the question

Why would you use DDNS if you do NOT want to expose any device in your LAN (or a dedicated VPN appliance) to WAN ?

Be very carefull what you expose and have external backups at all times... ransomware is on the hunt

[dolbyman]

explain in detail what you are trying to do

[markc6123]

Access NAS via Plex from outside the LAN without DDNS enabled - FIXED
Access NAS files via XYPlorer, Windows 10 file browser replacement without enabling Bonjour on the NAS

explain in detail what you are trying to do

[dolbyman]

if you have a static IP, you dont need DDNS ..otherwise, that why you would need DDNS

I don't know that explorer replacment ..but a MAC protocol (Bonjour) requirement for it seem strange

[markc6123]

On XYPlorer, that's my thought as well but I only know enough to be dangerous. Further, if I uncheck all services under the setting but leave bonjour enabled at the top it still works, if I uncheck bonjour, it fails. If I enable it again, it fails, enable samba, it works, disable samba, it continues working.
Since it's not broadcasting any services I'd need an Apple or XYPlorer guru to figure that one out.
In the meantime, since it's not broadcasting any services am I still technically exposed to the WAN?

if you have a static IP, you dont need DDNS ..otherwise, that why you would need DDNS

I don't know that explorer replacment ..but a MAC protocol (Bonjour) requirement for it seem strange

[dolbyman]

if you remove uPnP and manual portforwards on the router..nothing should be exposed to WAN

[markc6123]

UPNP is disabled on router and NAS. The only port forward is to the Shield TV so Plex can run outside the LAN. My concern centered on bonjour and having it enabled but no services being broadcast.

if you remove uPnP and manual portforwards on the router..nothing should be exposed to WAN

[dolbyman]

if no ports are forwarded to the NAS, there is no danger of WAN exposure