External ip to workload

We have external DNS (DnsMadeEasy), pointing an external ip to our internal firewall.

Firewall converts external IP to private IP. to

I want to expose a “Hello-world” service on ip

Im thinking this is the “External DNS” topic, but not sure on where to take it. I really feel like our traffic must flow through our firewall…

Thanks in advance,

So I understand a load balanced ingress exposes a service and I can specify a Hostname for that ingress. Foo.bar.com. So how does this ingress become accessible globally?