My Goal:

I want my wife’s phone to use a single server URL in her app (e.g., audiobooks.mydomain.com) at all times. I don't want her to have to switch servers in the app manually.

• Away from home: It should route through the Cloudflare Tunnel so she can stream her books.
• At home: It should route entirely over our local Wi-Fi so she can bulk-download large audiobooks at gigabit speeds without piping gigabytes of raw media files through the free tier tunnel, keeping me completely safe from getting banned by Cloudflare for high media bandwidth.

The Plan (and the IPv4 / IPv6 Hurdle):

To achieve this, I am planning to implement Split-Brain DNS using my local AdGuard Home instance to intercept audiobooks.mydomain.com internally and point it straight to my server's local IPv4 address (e.g., 192.168.1.50).

However, my server is strictly IPv4-only (IPv6 is enabled on my local LAN however), but our cellular carriers use native IPv6.

I'm worried about a specific caching/fallback scenario: When my wife walks back into the house and her phone reconnects to the local Wi-Fi, it will query AdGuard Home and get the local IPv4 address. But because smartphones aggressively prefer IPv6, I am concerned the phone might try to reuse a cached public IPv6 address it received while on cellular data or bypass the local IPv4 override entirely to hit Cloudflare's public edge network anyway.

My Questions for the Community:

1. Is my concern about the phone bypassing the local IPv4 DNS override via a cached public IPv6 AAAA record valid?
2. If I add a custom filtering rule in AdGuard Home to completely block/nullify IPv6 queries for that specific domain (e.g., ||audiobooks.mydomain.com^$v6), will that successfully force her phone to drop back to the local IPv4 address while at home?
3. For those running Audiobookshelf or similar low-bandwidth audio services through Tunnels, is the trickle-bandwidth from streaming a single book small enough that Cloudflare doesn't care, or is the Split-Brain DNS approach strictly necessary to protect my account during bulk-sync downloads?

Appreciate any insight, configurations, or advice you guys have!

Sorry for having to use AI to write this but if I wrote it, you probably wouldn't have any idea what I was asking as I tend to ramble, but this is the gist of what I'm trying to figure out.

I'm not trying to bash anyone. By all means, do what you want to do with your own server, but I'm trying to understand why some folks download HUGE movie files. I've seen some movies even be over 100GB. For reference, I have about 16,000 TV Episodes and 1000 Movies and that takes up roughly 13TB. I've always considered myself someone of an audio/videophile. I have a couple movies that I've downloaded 4k versions and while it looks great, I can't justify using all that storage space on every movie. Do most of you have a few select movies that you allow to be massive file sizes or is your whole library like that?

I'm trying to prioritize Plex upload traffic over qBittorrent on my home network. Both run on the same machine, with qBittorrent running behind ProtonVPN (binhex qbittorrent). My router (TP-Link AX6000) has device-level QoS but since Plex and qBittorrent share the same machine IP, I can't prioritize one over the other.

Someone suggested giving the qBittorrent container its own IP using a macvlan Docker network, so the router would see it as a separate device and I could set it to low priority in QoS while keeping my main machine (Plex) at normal/high priority.

My questions:

1. Would this actually work for QoS at the router level, or does the VPN tunnel complicate things?
2. What would need to be reconfigured? I'm assuming Radarr/Sonarr would need updated to point to the new qBittorrent IP — anything else?
3. Any gotchas with macvlan on Unraid I should know about?

Current setup:

- Unraid server

- qBittorrent + ProtonVPN with port forwarding

- Radarr, Sonarr pointing to qBittorrent

- Plex on the same machine

- TP-Link AX6000 router

I will be running my first parity scan tomorrow and was just curious how often everyone else runs one. I've been chatting with my best friend Claude and it tells me if you run a UPS you don't really need to run it every month (it recommends once a quarter). Most of my data is just media but I do run daily uploads to Immich and general storage from my desktop. Since I have a UPS, I'm not really worried about dirty shutdowns, just mainly protecting data in the event of drive failures. My drives usually last 10+ years and I don't want to shorten their lifespan by running parity checks too often.

Hey guys! I have vault warden hosted on my unraid server at home. I bought a domain a while back to host some other things through Cloudflare tunnels to add an extra layer of auth. The issue I'm running into is that the vault warden app hits the Cloudflare zero trust login page that would normally ask users to enter their email address to get a OTP (one time pin) to authenticate. The app doesn't allow me to go through this process since it's an application and not a web browser. What is the best way to set this up so the app can successfully connect to my service on my server? I would rather not have to enable anything each time I want to connect via the app (tailscale, WARP). I've tried allowing a bypass policy that allows certain people to bypass certain paths (/api, /notification, /identity, and /icons). I don't really like doing this since it lets a large amount of people bypass those specific paths.

Edit: I forgot to add that I use Cloudflare tunnels to host if that wasn't obvious. Sorry.

I recently moved my NVMe that I've used on my windows desktop for the past few years to my unraid server to act as the cache drive. It's 4TB. My old cache drive was a 2.5" 500GB SATA SSD. Currently, it's just sitting in my server in unassigned devices. I don't know what to use it for now. I thought about using it to act like a media cache drive for tv shows I watch often so all my drives are allowed to spin down. I also thought about using it as a landing pad for downloads to save my NVMe from writing constantly, but my wife and I go through spurts where we will download so much crap at once it wouldn't be large enough for that purpose. Maybe to store all music so Plexamp is snappy? What do you guys think?

I have a few series (usually older cartoons) that have multiple episodes per file. Plex plays them fine but if there are 2 episodes per file, after it gets done playing S01E01, it will play the same file when it moves onto S01E02. I have spent the time to split the episodes into individual files, but that gets time consuming.

Hey guys, not sure if this is the right place to post this but I had some questions. I recently built myself a server and I am running unraid on it. I have a few things I wanted to be accessible without having to turn tailscale on (wife wants simple), so I purchased a domain. I set up the domain on Cloudflare and use cloudflared container to create the private tunnel. While I was setting everything up in the Cloudflare dashboard, I was absolutely overwhelmed by the number of settings. I'm probably not going to use the correct terminology, so I apologize in advance. I set everything up so users end up on the Cloudflare login page. They type their email in and then receive an OTP (one time pin) in their email. If the email they used matches the emails I specially allowed to access my service, they get forwarded to the login site of the service (in this specific case its seerr, got tired of my mom asking me to download stuff for her). I guess what I'm trying to ask is how to be security conscious while having a service publicly accessible. I currently actually have 2 ways to login (OTP and Google). Does all this seem ok? security wise? I feel like I need to take a certification course just to navigate the Cloudflare dashboard. I apologize for the long rant.