Routing port 80
-
Yep a reverse proxy. Traefik, Nginx, or HAProxy would do the trick.
-
@mroth911 said in Routing port 80:
I have residential comcast, and a dynamic ip. I would like to port forward several test servers that run on port 80. using this single ip./ How can I do thats. I know I can port forward 1 to whatever internal IP address./ But how do I do more then one.
A single port outside can only be forwarded to a single port inside. It's a one to one mapping, there is no way to make an exception at Layer 4 as all traffic is the same inbound.
-
@Romo said in Routing port 80:
@mroth911 You would have to setup a reverse proxy.
This is different than sending different port 80 traffic to multiple places, but is the only means of accomplishing what your actual end goal is.
-
@Emad-R said in Routing port 80:
The reverse proxy will do this, but something about PF that makes it more reliable. just tell them to change port number when they visit the page or bookmark it .
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Definitely test this with one server being hosted from this location before worrying about hosting multiple web servers from there.
Just for clarification - Port Forwarding is not typically something the ISP blocks - it's the whole port inbound to your location that they block - to prevent you from hosting websites on consumer connections.
-
@Dashrender said in Routing port 80:
@Emad-R said in Routing port 80:
The reverse proxy will do this, but something about PF that makes it more reliable. just tell them to change port number when they visit the page or bookmark it .
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Definitely test this with one server being hosted from this location before worrying about hosting multiple web servers from there.
Just for clarification - Port Forwarding is not typically something the ISP blocks - it's the whole port inbound to your location that they block - to prevent you from hosting websites on consumer connections.
ISPs cannot block port forwarding. thats physically impossible.
-
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
-
@scottalanmiller said in Routing port 80:
@Dashrender said in Routing port 80:
@Emad-R said in Routing port 80:
The reverse proxy will do this, but something about PF that makes it more reliable. just tell them to change port number when they visit the page or bookmark it .
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Definitely test this with one server being hosted from this location before worrying about hosting multiple web servers from there.
Just for clarification - Port Forwarding is not typically something the ISP blocks - it's the whole port inbound to your location that they block - to prevent you from hosting websites on consumer connections.
ISPs cannot block port forwarding. thats physically impossible.
uh - ok.. yeah, that was my actual point... poor word choice. I was trying to be nice in how I corrected that whole 'blocking port forwarding' Emad said.
-
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
Exactly - if the traffic on a given port makes it to you from the ISP, they can't prevent you forwarding that through your router to an internal device (discounting any arguments where the firewall is controlled by the ISP).
-
@Dashrender said in Routing port 80:
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
Exactly - if the traffic on a given port makes it to you from the ISP, they can't prevent you forwarding that through your router to an internal device (discounting any arguments where the firewall is controlled by the ISP).
Even when they control the firewall, you just add another one
-
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
I haven't run into that yet, but I've heard some do block ports. And it's usually 25. If ISP blocks port 80, setup website on 443, or change ISP.
-
@marcinozga said in Routing port 80:
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
I haven't run into that yet, but I've heard some do block ports. And it's usually 25. If ISP blocks port 80, setup website on 443, or change ISP.
Or just don't use common ports. They can't block very many ports before nothing works.
-
@marcinozga said in Routing port 80:
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
I haven't run into that yet, but I've heard some do block ports. And it's usually 25. If ISP blocks port 80, setup website on 443, or change ISP.
They typically block all the common hosting ports, 25, 80, 443, 465 and 587 to prevent typical business type hosting.
As Scott said - they can't block to much more without causing other issues - but I have seen some block SMB ports as well.
-
@scottalanmiller said in Routing port 80:
@marcinozga said in Routing port 80:
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
I haven't run into that yet, but I've heard some do block ports. And it's usually 25. If ISP blocks port 80, setup website on 443, or change ISP.
Or just don't use common ports. They can't block very many ports before nothing works.
That makes no sense. I can 100% block all new inbound connections on every port, yet not stop anything inside from working normally.
-
@JaredBusch said in Routing port 80:
@scottalanmiller said in Routing port 80:
@marcinozga said in Routing port 80:
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
I haven't run into that yet, but I've heard some do block ports. And it's usually 25. If ISP blocks port 80, setup website on 443, or change ISP.
Or just don't use common ports. They can't block very many ports before nothing works.
That makes no sense. I can 100% block all new inbound connections on every port, yet not stop anything inside from working normally.
There are many services that don't use proxies to get things working, so if you can't host, you can't use that service...
That said, because of ISP shinanagins... Proxies have been put in place for many services to get around these problems...
-
@Dashrender said in Routing port 80:
@JaredBusch said in Routing port 80:
@scottalanmiller said in Routing port 80:
@marcinozga said in Routing port 80:
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
I haven't run into that yet, but I've heard some do block ports. And it's usually 25. If ISP blocks port 80, setup website on 443, or change ISP.
Or just don't use common ports. They can't block very many ports before nothing works.
That makes no sense. I can 100% block all new inbound connections on every port, yet not stop anything inside from working normally.
There are many services that don't use proxies to get things working, so if you can't host, you can't use that service...
That said, because of ISP shinanagins... Proxies have been put in place for many services to get around these problems...
That has nothing to do which what @scottalanmiller said it I said.
-
@JaredBusch said in Routing port 80:
@scottalanmiller said in Routing port 80:
@marcinozga said in Routing port 80:
@scottalanmiller said in Routing port 80:
@Emad-R said in Routing port 80:
Also usually your not allowed to PF on residential stuff, even you set it up it wont work.
Port 80 is usually blocked. But forwarding is not blockable.
I haven't run into that yet, but I've heard some do block ports. And it's usually 25. If ISP blocks port 80, setup website on 443, or change ISP.
Or just don't use common ports. They can't block very many ports before nothing works.
That makes no sense. I can 100% block all new inbound connections on every port, yet not stop anything inside from working normally.
True, you can block inbound only for new.
-
OPTION 1
Easiest is to just port forward on different ports.Router settings:
WAN:8080 -> testserver1:80
WAN:8081 -> testserver2:80
WAN:8082 -> testserver3:80
etcUse http://wan:8081 to get to testserver2.
OPTION 2
You need to set up a name based reverse proxy (for instance using apache) on your LAN.
Dynamic DNS:
domain1 -> WAN address
domain2 -> WAN address
domain3 -> WAN address
etcRouter settings:
WAN:80 or whatever -> reverse_proxy:80Reverse Proxy Rules:
domain1 -> testserver1
domain2 -> testserver2
domain3 -> testserver3When you access http://domain1 it will lead to the WAN address.
When the request hits the reverse proxy it will use the domain name to determine which server to forward the request to. -
This whole idea doesn't make much sense to me. If really "test" why isnt testing internally sufficient? Like seriously what are you testing are you doing that wont work with attaching the instance to a public IP?
It sounds like you are trying to skirt having to pay for additonal IPs or a hosting solution. Hey, I get it. I appreciate a guy trying t o save a buck, but you are creating alot more headache for very little gain. Hosting anything production on your home network woud be pretty silly to save a few pennies. I mean hosted solutions are dirt cheap.
So lets start with this. What are you really trying to accomplish?
-
You can run like 5 websites on a t2.small which is Free Tier as long as you dont have crazy traffic.
-
@IRJ said in Routing port 80:
This whole idea doesn't make much sense to me. If really "test" why isnt testing internally sufficient? Like seriously what are you testing are you doing that wont work with attaching the instance to a public IP?
It sounds like you are trying to skirt having to pay for additonal IPs or a hosting solution. Hey, I get it. I appreciate a guy trying t o save a buck, but you are creating alot more headache for very little gain. Hosting anything production on your home network woud be pretty silly to save a few pennies. I mean hosted solutions are dirt cheap.
So lets start with this. What are you really trying to accomplish?
Another approach would be to use a VPN of some sort.