It's fairly straightforward to do for free with Hurricane Electric. Some home routers even have it built in as an option. https://tunnelbroker.net/
I'm assuming anyone who's playing around with servers is capable of implementing it.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
It's fairly straightforward to do for free with Hurricane Electric. Some home routers even have it built in as an option. https://tunnelbroker.net/
I'm assuming anyone who's playing around with servers is capable of implementing it.
It's very easy to setup a Hurricane Electric tunnel and you get an entire /48 for free. The only downside is that it doesn't work over CGNAT.
It looks like IPv6rs is using WireGuard, so it can work even with CGNAT. I didn't see any mention of what size allocation they hand out though.
They don't allocate you a prefix. The website says they give you 5 addresses.
Yeah that's a fair point, much like a VPN I could see this being useful in scenarios where you have limited control over your network.
I tried with HE and you need an external IP before you can use it which makes it completely pointless. I think it's way easier to do it with ipv6rs.
That must be a very unfortunate situation where you don't have control of your network for that to be a concern though. in which case I wouldn't expect it to be suitable for a internet facing homelab?
Like I'm struggling to think of scenarios for this.
I suppose you could be trying to setup a homelab on a college network or using someone else's internet connection where you have no input on the matter.
Perhaps, I could see a case for CGNAT like another user mentioned, where the whole town shares an single IP for example. But I'd imagine such a network would offer poor performance.
But in all those scenarios, a VPS is cheaper and you can do everything this service offers and more.
From IPv6.rs FAQs I get the impression that they only provide IPv6 route through their tunnel. I think self-hosting something only reachable via IPv6 would cause you trouble accessing it in IPv4 only networks - which are still far more common compared to IPv6.
Hurricane Electric provides such IPv6 over IPv4 tunnel facility with /48 block routed to your network. I've only used this service for testing my IPv6 knowledge, so performance-wise I'm not sure how good it is. Thus, if IPv6.rs provides a significant performance over the HE-TunnelBroker, then I'd suggest you go with IPv6.rs given a decent price for the service.
If you are considering a simple to set-up tunnel utility for your self-hosting applications, I'd suggest you consider other tunneling options which have both IPv4 and IPv6 capabilities. Some widely used ones are Cloudflare Tunnel and Ngrok. You may also use Tailscale to connect both server and client via VPN. Using Cloudflare or Ngrok would involve some privacy concerns, as they can see the traffic passing through the tunnels in plain text.
E: better words substitution
What problem does this solve? Do ISPs not provide IPv6 prefixes anymore?
Yep my ISP doesn't offer ipv6, I had to set my own up through Tunnel Broker lol
Some bad still ISPs don't provide IPv6 connectivity. (Verizon)
To best serve our customers during this time, Verizon is rolling out IPv6 address space in a "dual stack" mode – where IPv4 and IPv6 addresses are both loaded.
Seems like verizon do...
They have been in the process of rolling it out for what must be a decade now, meaning there are still areas where they don't offer it.
I believe it's helps expose apps running on a home server to the public internet, securely. It allows self hosters to tie internal apps to a domain name. Someone please correct me if I'm wrong.
That's what a firewall and a DNS service is for respectively, imho. As long as you get an IPv6 prefix from your ISP, you can expose as many devices or services to the public as you want, by just allowing incoming traffic to a listening port. That was sort of the whole point of having a large enough address space when moving away from v4. Maybe it's just me but reading stuff about "private AI" on a website where the relation to the product is not immediately obvious, makes me question their legitimacy.
The more I look at their site, the more it reads like a sales pitch for IPv6, which sounds kind of expensive at $6-10 a month.
I'm assuming it's aimed at people trying to avoid tying the hosting IP to the publicly consumable service.
You mean hiding their public IP? I guess that's a feature.
Doesn’t a DNS provider do that?
$10 per month and all you get is 5 IPv6 addresses (I assume that's what they mean by "5 Static Visible IPv6 Tunnels")? What a shameless scam.
Edit: Though maybe you're paying for the "Tier-1 (as in ISP?) Bandwidth". But if they want me to take them seriously, they need to give me a /64 prefix instead of a measly 5 addresses.
If you aren't behind NAT and know how to handle your own networking you can get free IPs from HE.net. That's the easiest way.
I use ipv6rs because in my case it's cheaper than using a vps since there aren't any bandwidth caps and I only use 3 IPs (jellyfin and *arr).
Yeah, tunnelbroker.net is what I use. It works behind NAT too, and they even give you a /48! For free!
To be clear I wouldn't mind paying for guaranteed speeds because the he.net tunnel can be a bit slow at times. My problem with this is that they don't give you a /64 which basically makes it useless for anything but the "host a couple services" use case. Most people who would consider this, including me, probably don't have IPv6 connectivity from their ISP at all and would like to get routable IPv6 address space for their home network.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters | More Letters |
---|---|
CGNAT | Carrier-Grade NAT |
DNS | Domain Name Service/System |
IP | Internet Protocol |
NAT | Network Address Translation |
VPN | Virtual Private Network |
VPS | Virtual Private Server (opposed to shared hosting) |
[Thread #734 for this sub, first seen 3rd May 2024, 14:05] [FAQ] [Full list] [Contact] [Source code]