Ports & NAT VPS
Is it possible to reach a service running on ports 80 & 443 on a NAT VPS?
It is not a web server, not HTTP/S traffic, and can only use IPv4
I've heard that you can use a reverse proxy but I'm new to NAT VPSs
I've searched the forums but didn't find the answer.
Any help is greatly appreciated.
Comments
You won't be assigned ports 80 and 443 on a NAT VPS. You can listen on those ports but that is on an internal IP. You need to forward the traffic to the internal IP listening on ports 80 and 443.
Deals and Reviews: LowEndBoxes Review | Avoid dodgy providers with The LEBRE Whitelist | Free hosting (with conditions): Evolution-Host, NanoKVM, FreeMach, ServedEZ | Get expert copyediting and copywriting help at The Write Flow
HAProxy can if available, forward 80/443 by domain.
But you won't get full access on these ports on a NAT VPS.
Free NAT KVM | Free NAT LXC
Thanks for your answers.
I will order one and test for my self.
What's the best ongoing deals? (EU, USA, AU)
I don't qualify for NanoKVM but do you have HAProxy available?
No, please don't do it, you look like you need a dedicated ipv4 for non http traffic, no matter that the ports are http ports.
Only way on a nat vps would be to use the usually dozen directly mapped ports, instead of 80,443, but that would be to listen on, like 12345 and 12346, for example.
NanoKVM and MrVM has HAproxy, IIRC. But if you need some other service than http/https on those ports, it won't nescessarily work. The other option could be to use cloudflare or something to resolve ipv4 and proxy that to ipv6. (I haven't tested this myself. All my services on NAT VPSes can use my allocated custom ports.)
Hm if you only need http/https traffic no problem whatsoever you can also use cloudflare then. But non http/https won't happen.
You can find a tutorial for that on the old forum.
https://forum.lowendspirit.com/viewtopic.php?id=441
I wonder if the forum will be like gone 'gone' or just archived/read-only since there are some useful threads still @AnthonySmith
So if I understand correctly, HAproxy and CloudFlare can only forward HTTP/S by domain
For example if I'm behind a firewall that allows traffic on IPv4 ports 80/443 only I won't be able to SSH to my NAT VPS using those tools right?
What?
You get a dedicated port for SSH.
Cloudflare does the translation between IPv4 and IPv6, means you forward IPv4 traffic over CF to IPv6 on your VPS.
HaProxy does forward locally v4 traffic on 80/443 to your VM by domain, nothing else except http traffic can be used there.
2 different things.
Also Cloudflare does not accept any other traffic like haproxy e.g http.
Free NAT KVM | Free NAT LXC
Got it, so wouldn't work for my setup
I remember reading a thread on LET about tunnelling a VPN over CF, completely different story but can't find it right now.
In theory, HAProxy could forward any TCP/UDP traffic, but people reported issues with it.
So for http inspects the traffic and if its not looking like http or https, it just drops it.
I mean you get a few ports UDP/TCP you can use for any application.
Using a random port for a web application brings up issues, such as firewalls blocking it etc.
Free NAT KVM | Free NAT LXC
@kalepond what do you intent to use it for exactly?
Cant you use other ports?
NAT VPS are dirt cheap. its worth to get one and learn about it.
True, I will get one and learn about it.
I wantd to try v2ray + CF to see if it can be useful somehow, lot of people claimed greater network speeds.
If using Cloudflare, why not Warp+?
Is this because your ISP doesn't offer IPv6? Write to them and complain (because all good ISPs should have native IPv6 now), then set up a TunnelBroker tunnel. https://tunnelbroker.net/
Daniel15 | https://d.sb/. List of all my VPSes: https://d.sb/servers
dnstools.ws - DNS lookups, pings, and traceroutes from 30 locations worldwide.
Sounds like the OP is from China.
IPv6 deployment in China is mediocre. Carriers rather use CGNAT than IPv6.
The all seeing eye sees everything...
I prefer to go self hosted to:
Implement ad blocking
learn something by doing it myself
potentially bypass blocks / restrictions
Huh, interesting. It's basically the opposite in the USA - some providers are heavily pushing IPv6 in order to avoid having to implement CGNAT. For example, over 95% of traffic through T-mobile's network uses IPv6. Modern phones on the T-Mobile network only get an IPv6 address. They use 464XLAT to allow connections to legacy IPv4-only services (source: https://pc.nanog.org/static/published/meetings/NANOG73/1645/20180625_Lagerholm_T-Mobile_S_Journey_To_v1.pdf PDF)
Daniel15 | https://d.sb/. List of all my VPSes: https://d.sb/servers
dnstools.ws - DNS lookups, pings, and traceroutes from 30 locations worldwide.
Shhh... The GFW doesn't work on ipv6.
The all seeing eye sees everything...
Cloudflare supports IPv6 so there should be no problem, I've already done that setup on NAT VPS before.
Many of us have little choices in ISP ipv6 implementation, & dont have the number to force them to change.
Where im from, consumer ISP prefer to use CGNAT than upgrading their network. since its cheaper.
And their transit network is crap.
FYI this is the best isp locally, so there is no point changing it.
Its cheaper and faster to get overseas hosting and vps to work around this issue.
Yes, it will have better network speed if your ISP is crappy like mine.