Port fowarding, somewhat lost for the path ahead

So I have an okay power edge server which I have behind a LAN, and I want to access it from the internet and not pay for either a static IP (definitely not on comcast) or dyn (maybe), and I have read numerous things online on how to port forward, however there exist a problem, the IP itself. I have considered using twillo api to send me its public IP however that seems inefficient, what is the most effective way to attain a changing public IP to tunnel into?

TLDR: Gotta get to a server with a dynamic IP, what is the easiest free way to do so?

Hmm. Maybe a script to send you an email when the ip changes?

Or have it write to a file in a synced Dropbox folder.

I haven’t had to use this in awhile, but there are a few free Dynamic DNS sites that you could check out. One would be noip.com . You could set this up in the router itself or install a small client on the server. Depends on the service.

Edit: On second thought, if you really didn’t want to go the DDNS route, you could see if your ISP is giving out IPv6 addresses to residential customers. Since there are so many available, there is rarely a need to change your address on the ISP end of things unless you change your router’s MAC or something. Run dual stack IPv4 and 6 and that would give you a static v6 address.

DDNS is easier to remember though…

That’s what I was thinking but that seems a bit janky

I mean I could save the incredibly long IP in a textfile. But that being said do all clients for socks proxies support ipv6 yet? I could try this out as my machine has dual nics so its worth a shot. Ultimately if I run a mail server on my own an actual address would definitely be nice. Considering that I am going to be employed soon so $40 every year doesn’t seem so bad.

Level1 briefly covered this in a video on using a VPN with pfsense. You could probably set up a VPN with a normal router, but there won’t be as much security nor as many configurable options in controlling the traffic.

Starts about 8:54 using an example with Private Internet Access VPN:

If you are running a mail server, I really recommend a static IP and not using DDNS. While the change to the DNS server is pretty quick, any mail sent to the server in that time will just be lost. Depending on how many emails we are talking about, that might not be a problem. Just something to consider.

As for the socks proxies, I think most would support it. In a dual stack environment, each client can be set up to get both an IPv4 and v6 address. I’d try calling your ISP and see how they are handling the IP situation. If they are doing IPv6, you could probably get a block of public addresses and have every device set as a static v6 address. No port forwarding needed. Or just set up your server to do dual stack and the other clients stay on v4.

An address that is human readable and not a massive hexadecimal address is just something that looks better, I could buy my own DNS, but once again I really don’t want to buy anything. And with the dynamic address I could most definitely use the mail server as a bot for a number of things so downtime is something that I could potentially not bear to lose. In terms of IPv6 I am on comcast and when I run ifconfig I get ipv6 addresses, and I have been able to game the customer support system at a level which I would be on with the sales people offering me a static address. Could you go into detail regarding obtaining a block of static IPv6 addresses from my ISP? I also have to ask what do you run to attain a domain name?

I am not looking for that yet, I just want to evade proxies and have an encrypted connection home on top of being able access a future next cloud instance. It would be nice to have a VPN of that calibre on a router, however I really just don’t have the cash.

I have had the same dynamic IP for a couple years now. even when ive lost power, could just be lucky. You could put a small UPS on your modem and that would solve that short of a large outage. If it does change i just go into my DNS settings for my domain and change it, takes all of a few minutes before the updates take effect on namecheap

In my router there is a setting to hook it up with Noip for when my IP address changes.

So I can always access my server at mydomain.ddns.net and don’t have to worry about my ip changing, since mine isnt static.

1 Like

Try calling them and explaining that you have something that prefers a static IP to allow remote access (use security cameras or home automation or really anything other than the word “server”. For some reason, they turn right off unless you are business class and pay for a static IP). The ISP gets a huge block of IPv6 addresses for their use. And I mean huge. So usually they will grant a sizable block to a customer if you can sweet talk them without getting business class. Since IPv6 is still (sadly) not commonplace on the consumer level, they might not be able to help you unless they kick it up to a Level 2 or 3 rep. If you can do it, you’ll get a block with a subnet that you can use as publics for your devices if you chose.

The ISP I work for assigns the MAC address of the modem, ONT, or router to always get the same public IP via DHCP on our end. If your IP has been stable for years, this is probably the case and may only change when you change equipment or they need to do a major network addressing overhaul (which is very rare). This could be a good option to use as a “sorta-static”, but there is no promise it won’t change on a whim.

Most of the DDNS services will allow subdomains of their main domain if you can’t/don’t want to pay for one. This would be something like yournamehere.noip.com or whatever. If you want your own domain, you can purchase one from GoDaddy or a bunch of other places. I think Level1Techs even had a promo code for a .tech domain at some point. You pay the yearly fee, they give you a web portal to login and point the domain to whatever IP (or even redirect to your DDNS domain name) you want. Can even order SSL certificates if you really want to get serious (but if you are just doing personal use, use LetsEncrypt.org and get a free one).