Does anyone have a full guide on how to host a web server behind a Starlink connection?
I manage to host web servers on IPv4 connections but I am pretty lost with IPv6. I don't want to use a VPS or anything external.
My Starlink router is in bypass mode and I use a TP-Link AX3000 router
- I have disabled the TP-Link router firewall
- I have enabled IPv6 address in the router settings
- I host a webserver (nginx) on my laptop and can access the page (on
http://[::1]
). No HTTPS set-up for the moment
- I have disable ufw on my laptop
- I have set-up a AAAA record on No-IP with the IPv6 address I get from https://test-ipv6.com/
It's not working!
Which IPv6 address am I supposed to provide on No-IP, the one of my router or my laptop?!
I also have multiple IPv6 adresses on my laptop, which one should be used and why?
2: wlp1s0: mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 48:e7:da:0e:52:2f brd ff:ff:ff:ff:ff:ff
inet 192.168.0.10/24 brd 192.168.0.255 scope global noprefixroute wlp1s0
valid_lft forever preferred_lft forever
inet6 2a0d:3344:89:e00:1287:789:2313:f88a/64 scope global temporary dynamic
valid_lft 295sec preferred_lft 295sec
inet6 2a0d:3344:89:e00:132:2409:c6d:ce09/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 295sec preferred_lft 295sec
inet6 fe80::6259:1c60:1deb:705e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
Thanks
Completely? I definitely wouldn't do that, only open the one single port you need towards the one server that's listening.
I will enable the firewall and UFW again when things are working!
Thanks for the precision about the address, it its this one I have specified in No-IP.
Yes I can reach the web server (hosted on my laptop) with my phone connected to the network via Wi-Fi.
So my problem is not the DDNS but rather the access to the server itself from the exterior.
Access is ok both on the laptop and an other peripheral on the network so the blocking occurs upfront. Is there anything I need to enable in my TP-Link router to allow IPv6 traffic from the exterior?
Yes you will need to forward port 80 and 443 to your server from your tplink router.
It works with new router with the IPv6 firewall disabled. Can you help me figure out what is wrong in my configuration because when I enable the firewall it doesn't work?
Does the TP Link router allow you to create rules in the firewall to open specific ports towards specific endpoints?
That’s how most routers do, but some only have a firewall on/off setting without the ability to create individual rules.
No! The IPv6 firewall cannot be disabled nor configured. This is why I returned it
If I look at that screenshot it looks like you can define specific rules? The only problem i see is that you’re using link-local (fe80:: address) as the Local IP, that should be the stable global one (2a0d:xxxx:3040).