Does anyone have a full guide on how to host a web server behind a Starlink connection?
I manage to host web servers on IPv4 connections but I am pretty lost with IPv6. I don’t want to use a VPS or anything external.
My Starlink router is in bypass mode and I use a TP-Link AX3000 router
- I have disabled the TP-Link router firewall
- I have enabled IPv6 address in the router settings
- I host a webserver (nginx) on my laptop and can access the page (on
http://[::1]
). No HTTPS set-up for the moment - I have disable ufw on my laptop
- I have set-up a AAAA record on No-IP with the IPv6 address I get from https://test-ipv6.com/
It’s not working!
Which IPv6 address am I supposed to provide on No-IP, the one of my router or my laptop?!
I also have multiple IPv6 adresses on my laptop, which one should be used and why?
2: wlp1s0: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 48:e7:da:0e:52:2f brd ff:ff:ff:ff:ff:ff
inet 192.168.0.10/24 brd 192.168.0.255 scope global noprefixroute wlp1s0
valid_lft forever preferred_lft forever
inet6 2a0d:3344:89:e00:1287:789:2313:f88a/64 scope global temporary dynamic
valid_lft 295sec preferred_lft 295sec
inet6 2a0d:3344:89:e00:132:2409:c6d:ce09/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 295sec preferred_lft 295sec
inet6 fe80::6259:1c60:1deb:705e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
Thanks
I would recommend to make sure your ports are actually open, there are many online port scanners. You would want to set No-IP with your router IPv6 address. When scanning you would want to put the No-IP address you configured or the router IPv6 address.
I would highly recommend to not disable the firewall on your router but to port forward the ports you need (80/443) in your case.
If you are able to ping the No-IP address, and it gets resolved to your router address than its working.
It works with new router with the IPv6 firewall disabled. Can you help me figure out what is wrong in my configuration because when I enable the firewall it doesn’t work?
Your router’s ipv6 needs to be used for noip
I have disabled the TP-Link router firewall
Completely? I definitely wouldn’t do that, only open the one single port you need towards the one server that’s listening.
It works with new router with the IPv6 firewall disabled. Can you help me figure out what is wrong in my configuration because when I enable the firewall it doesn’t work?
Does the TP Link router allow you to create rules in the firewall to open specific ports towards specific endpoints?
That’s how most routers do, but some only have a firewall on/off setting without the ability to create individual rules.
No! The IPv6 firewall cannot be disabled nor configured. This is why I returned it
If I look at that screenshot it looks like you can define specific rules? The only problem i see is that you’re using link-local (fe80:: address) as the Local IP, that should be the stable global one (2a0d:xxxx:3040).
I will enable the firewall and UFW again when things are working!
Thanks for the precision about the address, it its this one I have specified in No-IP.
Yes I can reach the web server (hosted on my laptop) with my phone connected to the network via Wi-Fi.
So my problem is not the DDNS but rather the access to the server itself from the exterior.
Access is ok both on the laptop and an other peripheral on the network so the blocking occurs upfront. Is there anything I need to enable in my TP-Link router to allow IPv6 traffic from the exterior?
Yes you will need to forward port 80 and 443 to your server from your tplink router.