44 lines
1.7 KiB
Markdown
44 lines
1.7 KiB
Markdown
---
|
|
Owner: Claudio
|
|
---
|
|
# DS-Lite
|
|
|
|
My ISP (Salt) uses DS-Lite which basically shares a few IPV4 addresses between a lot of customers and internally route traffic using IPV6 addresses. This means that I only have a static IPV6 address and nothing else.
|
|
|
|
If you want to access your home network you will need to either use IPv6, which does not always work (old devices use IPv4) or have a port-mapping service that translates IPv4 traffic to your static IPv6 address.
|
|
|
|
|
|
|
|
# Other Methods
|
|
|
|
## Zerotier
|
|
|
|
Zerotier is an amazing tool to do a peer to peer network, it will however not allow anyone to access a service.
|
|
|
|
## Tailscale
|
|
Tailscale is a VPN network very similar to zerotier
|
|
|
|
## VPS Forwarder
|
|
I'm using [[nginx]] to forward ipv4 requests to my static ipv6 address of the NAS. It acts as a reverse server using different ports for different applications and I'm using A-records on my hosting provider to differentiate subdomains into different applications:
|
|
- [photos.claudiofritsche.com](https://photos.claudiofritsche.com)
|
|
- [drive.claudiofritsche.com](https://drive.claudiofritsche.com)
|
|
- [kino.claudiofritsche.com](https://kino.claudiofritsche.com/)
|
|
|
|
The nginx subsite has the following config in `sites-availble`:
|
|
```xml
|
|
server {
|
|
|
|
server_name drive.claudiofritsche.com;
|
|
location / {
|
|
proxy_pass https://[2a04:ee41:3:c45c:211:32ff:fec0:4372]:5555;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
```
|
|
|
|
then I used certbot to add the ssl: ` sudo certbot --nginx -d drive.claudiofritsche.com`
|
|
|
|
and finally reload the nginx service: `sudo systemctl reload nginx` |