New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
IPv4 NAT from Inception
I know I'm a noob hahahaha.
an someone explain me this?
Inception 3 euro a year vps includes 4 ipv6 and 1 ipv4 nat isnt it?
And they said I can have 30 ports to open for nat.
So, the question is:
doesnt they give me an IP but shared? Like the port 14356 from the 199.199.199.199 (fake ip obviously) is mine?
Comments
yes
Some discussion about it on this post if it helps you:
http://www.lowendtalk.com/discussion/comment/224354
I asked them this:
Can you please open the following ports:
NAT PORT INTERNAL PORT
14001 22
14002 80
And they replied:
Hi Mario,
That is not how it works, you would need to change your ssh port to be 14001 and we can set a reverse proxy entry for port 80 if you want to host a website.
I strongly suggest you read through the email you got that already tells you this and join the forum for community support.
Anthony.
@netomx so what exactly do you not understand?
nano /etc/ssh/sshd_configreplace "Port 22" with "Port 14001"
/etc/init.d/ssh restartdone
I'm wondering how they are going to do that. Because there can only be 1 person on the ipv4 address.
That's not correct. I suppose they are simply using a reverse proxy with vhosts, nothing complicated.
There is even a whole website and forum dedicated to this along with a video
but in simple terms, what @rm said
think of the external address as the one your home router holds and each VPS has an internal address, you have 20 TCP/UDP ports forwarded from the router.
The reverse proxy will ready the TCP header so if your website is abc.com it will forward requests (support ticket to request a reverse proxy entry) to abc.com, obviously you need to point the A record and setup your local web server correctly.
@Nyr
I have been busy with haproxy almost the full day and it took a while, haproxy will bind to the external port 80 and not the webserver.
I have been stupid once again
@taronyu that's not being stupid, it's learning
@Nyr
It is stupid because I knew the correct answer
Nope.
nano /etc/ssh/sshd_config
replace "Port 22" with "Port 14001"
/etc/init.d/ssh restart
done
that's the thing i didnt understand... so they are ALREADY forwarded? or they can't configure to receive from the port 14001 and forward it to my ip address port 22?
@netomx they are already forwarded when you get the welcome email.
If you have port 14001 assigned, 14001 from the public IP forwards to 14001 at your private IP.
It's 14001 -> 14001, not 14001 -> 22.
Damn, i feel sooo dumbnuts
let me change the port, thanks
This is what I do using iptables for my OVH server with 1 IP public..
Not sure why the private IP port 22 has to be changed? is it a security thing, or easier to manage?
It has to be changed because you are not inside the private network and port 22 of your private address isn't mapped to any port at any public address. It's needed if you want to connect using IPv4.
well I use something like this, so when i connect with putty I use the servers public ip with port set to 14001, and it would connect to my VPS at port 22 with private IP 192.168.0.5.
iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 14001 -j DNAT --to 192.168.0.5:22I can also use the same SSH port 22 for my second VPS with say a private IP of 192.168.0.10, so long as I use a different external port say 14002..
Maybe Anthoy has a different set up not sure, but I'm just using proxmox OVZ..
Sorry but http://kippingitreal.com/wp-content/uploads/2012/08/Mind-is-Full-of-Fuck.jpg
Yeah, let's go for a convoluted solution involving GRE and host node, it's not like you can simply tunnel your IPv4 from another provider directly to your VPS over IPv6.
That's not funny man... That's a little harsh...
Well my perspective is that this is a cheap as is service, while I am sure lots of things are possible that does not mean they will happen, it is enough of a PITA adding all the haproxy acl's I don't want additional work on it.
I honestly cannot think of a good reason to need native external/IPv4 for this service I have made every provision for people to be able to connect 40 different services as well as a reverse proxy on port 80, if you need native IPv4 then it should be obvious that you are better off getting a VPS with native IPv4... I will happily sell you one of those too
For the price I don't think anyone should be complaining to be honest. Even if it only came with ipv6 it would still be great in my opinion. NAT ipv4 is a luxury in my opinion.
3 EUR, how many VPSes are on the servers... With 40 ports per VPS and 60,000 plus ports to choose from I imagine quite alot..?
The fact that 60,000 ports can be used doesn't mean that they are used.
@Bogdatcutuu I know, just throwing it out there!
This is a sponsored service it runs at a loss, but feel free to throw out what ever you want. it is dedicated ram no burst/vswap, unlike your own definition of dedicated being "Shared Dedicated" i.e. you dedicate the same ram to a number of people.
just throwing it out there.
20 UDP/TCP was a nice round number, it gives enough for a pasv ftp server and a number of other things.
@AnthonySmith That's just the advantage of OpenVZ, moderate overselling. My new project will differ, alot! Along with a HA enviroment... But that's all that can be released for now.
This one will be HA too in a few weeks when the 2nd location comes online.
The way @AnothonySmith used his port numbers means he can, at most, get 600 of them sold on one IPv4 because even though only 40 of them are open, for each 100 port numbers, they can only be used by 1 VPS.
Anyone that puts 600 VPS's on a low powered quad core node wants to be shot!
Honestly, is there really any loss (apart from your time) at all?
I know, it's really really low price but I am wondering how many people will actually use those IPv6 OpenVZ vps resources at all and how many of us will "throw away" those few bucks just to have some little inital fun? 