Best domain registrar choice for home network setup with PiHole and SSL certificates

I’m looking for advice on picking a domain registrar for my home lab setup. Right now I use DuckDNS for free but I want something shorter and cleaner.

Current setup:

The long DuckDNS URLs are getting annoying to type. I want to switch to something like service1.example.com instead. I’m willing to spend around $10 per year.

My options:
Cloudflare vs Porkbun - both cost about the same

Questions:

  1. Should I pick Cloudflare since I already use their DNS challenge for SSL certs in NPM?
  2. What does being “locked into Cloudflare nameservers” actually mean for my use case?
  3. Is Porkbun better since it gives more nameserver flexibility?

I only need this domain for internal services on my home network. The pricing is similar so that’s not a deciding factor. What would you recommend and why?

I’d go with Cloudflare, lock-in concerns aside. You’re already using their DNS challenge for Let’s Encrypt, so staying put makes maintenance easier. The nameserver lock-in isn’t a big deal for home labs - you’re not running a business where switching providers matters. Cloudflare’s dashboard is cleaner and their DNS propagation beats most registrars I’ve tried. Plus they enable DNSSEC by default. I moved my homelab domain from Namecheap to Cloudflare last year - no regrets. Their API integration works perfectly with NPM for cert renewals, and you’ll have fewer things to troubleshoot when DNS acts up.

Been in the same spot - I’d go with Porkbun for the flexibility alone. Cloudflare’s DNS works great, but you’re stuck with vendor lock-in that’ll bite you later. Since you’re just running internal services, you don’t need Cloudflare’s CDN stuff anyway. Porkbun plays nice with your existing PiHole and Unbound setup, so you can tweak domain records whenever. Their API handles Let’s Encrypt DNS challenges without any headaches too. The interface is straightforward and support actually helps when you need it. For a home lab where you want control and flexibility, Porkbun’s your best bet.

Both work great for homelab setups, but I’d go with Porkbun. I’ve used both - Cloudflare feels like overkill when you just need a basic domain. Porkbun’s interface is cleaner and includes free whois privacy. The nameserver setup won’t matter unless you’re planning to switch providers down the road. Both handle Let’s Encrypt challenges fine, so that’s a wash.

I’ve managed domains for dozens of internal services across different environments. Here’s what I learned.

Sure, both registrars work fine, but you’re missing the point. Manual DNS management becomes hell when you scale past a few services.

I used to waste hours updating DNS records every time I spun up containers or changed internal IPs. Now everything’s automated.

New service hits my homelab? Automation detects the container, grabs the service name, updates DNS through the registrar API, and triggers cert renewal. Done. No more typing URLs or babysitting records.

Your PiHole setup’s perfect for this. Automate DNS record creation based on running services and sync with your registrar automatically.

For your case, Porkbun’s API is cleaner and plays nice with automation tools. Cloudflare works but their API’s more complex for simple stuff.

Real win? Never thinking about DNS again. Deploy service, DNS updates, certs get issued. All automatic.

Check out building this automation workflow: https://latenode.com

I’ve run similar setups across multiple homelabs, and honestly, you should focus more on the DNS resolution path. With PiHole and Unbound, your internal queries won’t even touch your registrar’s nameservers most of the time - PiHole becomes your authoritative source for internal domains.

What actually matters is how well the registrar handles external DNS challenges for Let’s Encrypt renewals. Cloudflare’s API is way more reliable under load, especially when you’re running multiple cert renewals at once. The “lock-in” thing people complain about is overblown for homelabs - you can export your zone file anytime.

The real difference is monitoring and alerts. Cloudflare gives you much better visibility into DNS query patterns and issues. When your cert renewals fail at 3am because of API rate limits or DNS delays, you want to know right away. Both work fine technically, but Cloudflare’s tools give you way better insight into what’s happening with your domain.
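
The resolution split described in the last reply, as an added example that is not part of any post in this thread: it sorts an exported zone file into A records with RFC 1918 addresses, which only the internal resolver needs to answer, and records that must stay in the public zone, such as the `_acme-challenge` TXT used for the Let's Encrypt DNS challenge. The zone text, names and addresses are constructed, and the `IP hostname` output format for PiHole local DNS entries is an assumption about your PiHole version.

```python
import ipaddress

# RFC 1918 ranges: addresses that are only reachable inside the home network.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed zone export, one record per line: name TTL class type value.
SAMPLE_ZONE = """\
$ORIGIN example.com.
service1         300 IN A   192.168.1.10
service2         300 IN A   10.0.0.5
www              300 IN A   203.0.113.7
_acme-challenge  120 IN TXT "constructed-token-value"
"""

def split_zone(zone_text, origin="example.com"):
    """Split records into (local_hosts, public_records).

    local_hosts: "IP fqdn" lines for A records with RFC 1918 addresses.
    public_records: (fqdn, type, value) tuples that stay in the public zone.
    """
    local_hosts, public_records = [], []
    for line in zone_text.splitlines():
        line = line.strip()
        if not line or line.startswith((";", "$")):
            continue  # comments and directives such as $ORIGIN
        parts = line.split(None, 4)
        if len(parts) < 5:
            continue  # multi-line or abbreviated records are out of scope
        name, _ttl, _cls, rtype, value = parts
        if name == "@":
            fqdn = origin
        elif name.endswith("."):
            fqdn = name.rstrip(".")
        else:
            fqdn = f"{name}.{origin}"
        if rtype.upper() == "A":
            addr = ipaddress.ip_address(value)
            if any(addr in net for net in RFC1918):
                local_hosts.append(f"{addr} {fqdn}")
                continue
        public_records.append((fqdn, rtype.upper(), value))
    return local_hosts, public_records

if __name__ == "__main__":
    local, public = split_zone(SAMPLE_ZONE)
    print("PiHole local DNS:", *local, sep="\n  ")
    print("Public zone:", *public, sep="\n  ")
```

Anything in the first list can be served from PiHole alone; the public zone then carries no internal addresses and only needs the challenge record at renewal time.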