this post was submitted on 02 Feb 2024
9 points (80.0% liked)

I don't have access to my router and my ISP charges for port forwarding (I think they might have a CGNAT setup?).

I'm trying to work around that since I want to start hosting some apps and game servers from my PC. I'm seeing a lot of talk about tailscale as a possible solution to this but honestly I'm a bit confused with all the options and whether this is actually the proper tool for the job.

Assuming it is, do I go the route of setting up a "tailscale funnel" or a "subnet"? Will other people have to install tailscale too if they want to join my servers? People also mention Netmaker or Cloudflared Tunnel, although it also seems like cloudflare doesn't want their tunnels used for game and media traffic?

The more expensive option I guess would be just paying for ProtonVPN premium since it offers port forwarding in that case, but I'm not sure about performance and whether it's worth it; at that point I might just rent a server instead.

Hoping you folks at self-hosted have more ideas on how can I, well... self host instead of throwing money at the problem.

all 14 comments
[–] [email protected] 4 points 9 months ago

Tailscale funnels allow people on the internet to connect to a Tailscale domain and they will be connected to your server at home through a secure tunnel.

Tailscale subnets allow a device using Tailscale to expose devices that are not using Tailscale in their LAN to other nodes in the tailnet. So if for example you use Tailscale on your phone when you're on vacation and you have a subnet on a PC at home also using Tailscale, you can reach a network printer on your LAN at home even if that printer is not running Tailscale.

There's one more interesting thing you can do with Tailscale and that's an exit node. When you make a Tailscale device an exit node it will let other Tailscale devices connect to the internet as if they were the first device. It's useful when you're away from home at a hotel or airport wifi and want a secure connection, because the connection will be encrypted due to Tailscale. Can also be used to appear at home when you're traveling for whatever reason (trick Netflix into showing you the catalog from your home country, pretend to be at home when working remotely etc.). It acts like a VPN service in a way.

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago) (1 children)

Tailscale requires each person be granted access, i.e. it's private. (Edit: I didn't know about Tailscale Funnel, which is more like Cloudflare Tunnel)

Cloudflare Tunnel gives anyone on the internet access, but to my knowledge only covers HTTP traffic. If what you're trying to do requires port numbers then I don't think that will work.

In regards to media traffic, Cloudflare silently removed that section of their Ts & Cs, so hosting Jellyfin, etc should now be OK.

You might be able to use Tailscale on a cheap VPN to forward traffic to your setup, but it might be cheaper and easier to pay your ISP.

It's worth pointing out that port forwarding happens on your router, but if you don't have a public IP then it won't work. Sometimes ISPs will give you a public IP if you just ask, sometimes they tie it to a static IP add-on and charge for it. It sounds like you might be in the latter case. It can vary by ISP, so if you live somewhere where you get a choice, you may find another ISP is a better deal (e.g. where I live some charge $15 a month for a static IP, some charge a one off $40 fee, and some you can just ask and they will give you a public dynamic IP for free. Others will give everyone public dynamic IPs).

[–] [email protected] 2 points 9 months ago (1 children)

My ISP says my IP is technically dynamic, but it hasn't changed once in the 6 years I've had their service. But that's for the best, since they're the only choice for symmetrical gigabit and their only option for static IPs is for business accounts.

So I continue to trust that they won't change it. Fingers crossed.

[–] [email protected] 2 points 9 months ago (2 children)

Dynamic IPs don't change very often. Sometimes you can get a new one by restarting your router, which most people don't do very often. But in my experience they stay the same if you don't restart it.

If you do end up with a new IP occasionally, it's typically not too hard to change things to the new one.

[–] [email protected] 3 points 9 months ago

You can also just spend $10 on a domain name with a registrar that offers dynamic DNS. Offhand, both Namecheap and Cloudflare do. I have no idea what my public IP address is because my router just updates it automatically for me. Plenty of DDNS desktop clients around if your router can't for whatever reason.

[–] [email protected] 2 points 9 months ago (1 children)

Haven't seen mine change in 5 years, lol. Even with modem reboots!

[–] [email protected] 1 points 9 months ago

Does your ISP sell static IPs? Maybe they are all static?

For an ISP using all public IPs, in the days of dial-up they could rent fewer IPs than customers because people were online at different times. These days the routers are all online 24/7, so it seems odd to me that some ISPs have everyone on public IPs but they aren't static. Probably some technical reason why things don't work how I think they do, but it just feels like a way to sell static IPs as an add-on when it wouldn't cost them any more to allocate an IP to a customer for the life of the connection.

[–] [email protected] 3 points 9 months ago (1 children)

> Will other people have to install tailscale too if they want to join my servers?

Yes if you use Tailscale VPN (with or without subnet routers), this makes a private network.

No if you use Tailscale Funnel, as this exposes your service to the internet.

Tailscale Funnel does only seem to support TCP though, so games that use UDP will not work with it.

Here's a list of tunnels, but it's not clear which ones support UDP: https://github.com/anderspitman/awesome-tunneling

[–] Cyno 1 points 9 months ago (1 children)

Thanks for linking that, seems like a great resource! Seems like there's a few that support UDP although I'm not sure if they will work with a CGNAT setup. Also their setup seems a bit more complicated and technical than expected but I need to look more into it tomorrow. If everyone else needs to have this installed then that might be an issue.

[–] [email protected] 1 points 9 months ago (1 children)

Yeah my ISP uses CGNAT for residential as well, and I just ended up buying a static IP for the $5 a month to get rid of that issue.

[–] Cyno 1 points 9 months ago (1 children)

I was really hoping there was something like hamachi/xfire/garena from the old days but modernized and more stable 😅 I just assumed it'd be a solved problem by now.

I'm not giving up on tailscale yet, I'll try the funnel feature but yeah... seems a bit troublesome for sure

[–] [email protected] 1 points 9 months ago

Tailscale VPN is pretty similar to how Hamachi worked; Zerotier is another similar option.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

| Fewer Letters | More Letters |
|---|---|
| CGNAT | Carrier-Grade NAT |
| DNS | Domain Name Service/System |
| HTTP | Hypertext Transfer Protocol, the Web |
| IP | Internet Protocol |
| NAT | Network Address Translation |
| TCP | Transmission Control Protocol, most often over IP |
| UDP | User Datagram Protocol, for real-time communications |
| VPN | Virtual Private Network |

7 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.

[Thread #479 for this sub, first seen 3rd Feb 2024, 00:05]