Pro: 1Gb upload and download speeds on free Internet provided by the HOA. Con: As a self hoster, I have zero control over it. No port forwarding, no DMZ, no bridge mode. It’s Starbucks free WiFi with a wired connection.

Option A: Buy Google Fiber and don’t use free Internet. Option B: Create some elaborate tunnel through a VPS.

My public self hosted activities are fairly low bandwidth (password manager, SSH). I have a vague idea that I could point my domain to a low cost VPS that has a VPN tunnel into my home network for any incoming connection needs. That may require me to fill in port forwards on both systems but whatever. Tailscale is serving most of my remote needs but I still need a few ports. This does not fix the issue of online gaming port forwards (Nintendo Switch online requires a huge forwarded range for best performance) but oh well for now.

UPDATE: I think they’re using this system. https://www.cambiumnetworks.com/markets/multi-family-living/ The personal Wi-Fi overview makes it clear each AP is given it’s own VLAN which sounds a whole lot like the whole building is sharing one IP and there’s no way I’m going to get my own Internet access. They even detail how you can roam the building and maintain your WiFi connection across your neighbor’s and the common areas APs. This is the IPV4 future.

  • bruhduhEnglish
    510 months ago

    Option b of course, rent cheapest vps, ionos.ca offers plans for 2$ per month, it’ll be cheaper than Google fiber, you can also use sshuttle https://github.com/sshuttle/sshuttle on your openwrt router and connect everything to it be it by cable or wireless, then Nintendo gaming will also have that port forwarding because your whole traffic is going to go through vps

  • InEnduringGrowStrongEnglish
    9610 months ago

    Haven’t had to use port forwarding for gaming in like 30 or so years, so I just looked up Nintendo’s website…

    Within the port range, enter the starting port and the ending port to forward. For the Nintendo Switch console, this is port 1024 through 65535

    LMAO, no thanks, that’s not happening.

    For your question, you could likely route everything through a tunnel and manage the port forwarding on the other end of the tunnel.

    • MaggiWuerzeEnglish
      4410 months ago

      Why not also remove the password from my wifi while im at it?

      • @johnnixon@lemmy.worldOPEnglish
        910 months ago

        I actually gave it 44000-65535 and it’s connecting well. That’s another reason why I wanted a more robust network: IOT VLAN to segregate that risk.

        • youmaynotknowEnglish
          110 months ago

          That’s how I have it at home. 6 VLANs total. Even IoT and Media/games are separated from each other.

  • @vsis@feddit.clEnglish
    810 months ago

    VPS + VPN is the cheapest option I believe for the services. It doesn’t have to be “elaborated”.

    You can port-forward public VPS ports to your private addresses/ports. If you don’t want to use iptables you can use firewalld.

    The only “but” will be latency. For gaming it won’t perform as you may need.

  • @framedragged@lemmy.worldEnglish
    12 months ago

    Hi there!

    Sorry to necro this, but I’m in a very similar situation (subject to smartaira’s crazy vlan setup in an apartment) and I was wondering if any of the suggestions in this thread worked for your needs?

  • @Abba@monyet.ccEnglish
    610 months ago

    I have personally gone the VPN route with wireguard. Right now I have it setup so that all of my servers connect to my wireguard server on the VPS. Then I simply either just point my reverse proxy at the wireguard IP address or setup a forwarding rule in IP tables. Also try to get a VPS that is located close as it will reduce the ping times if that is important to you. I also recommend that you keep services which you only need to like ssh not forwarded and either use tailscale or wireguard to connect when you need to. With regards to the switch it is theoretically possible to setup a special access point with port forwarding through a VPN but it is much more complicated. It might be easier to accomplish this with a more traditional VPN service as some providers specifically cater to individuals looking to use a VPN for online play.

  • @chronicledmonocle@lemmy.worldEnglish
    119 months ago

    If they’re providing IPv6 to you, port forwarding shouldn’t be necessary most of the time for online gaming.

    Are they allowing UPnP upstream?

    • @vividspecter@lemm.eeEnglish
      110 months ago

      Assuming the Switch supports ipv6, and given how backward Nintendo’s tech tends to be, it wouldn’t surprise me if they didn’t.

      Although at least nintendo.com has an AAAA record.

    • 0^2English
      510 months ago

      This. 100% this. Ipv6 underrated.

  • @cola_nut@lemmy.worldEnglish
    310 months ago

    I’m currently running option B since I had the same issue where I was living when I built my server. I have a DigitalOcean vps and an openvpn tunnel between that and my home server, and the vps just forwards and masquerades all traffic. I’ve definitely had issues with speeds, and in the past it’s fluctuated so could’ve been an issue with something besides the vpn. It’s been a while since I’ve used it for streaming or game servers, but last I remember the speed wasn’t too bad. Playing factorio there was some noticeable latency but still playable although other games might not work as well. I’ve also done self-hosted broadcasts using owncast and that worked fine.

  • KairosEnglish
    210 months ago

    Yes you can do this. Two problems:

    It isn’t fast. Watch your MTU.

    Youll have to make sure return packets come through the VPS on their way back. You’ll have to set up those packets to masquerade on their way out, otherwise you’d see internal IPs on the internet (they get dropped immediately). You can either masquerade them on the inside so they appear to be coming from your VPS (internally), or if you want the destination computer to see the real Internet IP, you’d need to set up rules on the destinarion computer which routes packets through the VPS otherwise they’d return via the default gateway.

    • semi [he/him]English
      310 months ago

      I have been using it for the last 3 months to expose services from my home internet (plex, wireguard, etc.) through a VPS and I’m pretty happy with it. It’s relatively simple to set up, I haven’t had any outages so far, and it’s nice that it supports UDP port forwarding as well as TCP (for wireguard).

  • @Decronym@lemmy.decronym.xyzBEnglish
    1810 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    AP WiFi Access Point
    HTTP Hypertext Transfer Protocol, the Web
    IP Internet Protocol
    IoT Internet of Things for device controllers
    NAT Network Address Translation
    PoE Power over Ethernet
    TCP Transmission Control Protocol, most often over IP
    UDP User Datagram Protocol, for real-time communications
    VPN Virtual Private Network
    VPS Virtual Private Server (opposed to shared hosting)
    nginx Popular HTTP server

    11 acronyms in this thread; the most compressed thread commented on today has 12 acronyms.

    [Thread #843 for this sub, first seen 2nd Jul 2024, 12:15] [FAQ] [Full list] [Contact] [Source code]

  • @Technoguyfication@sh.itjust.worksEnglish
    510 months ago

    Set up a cheap VPS on DigitalOcean or the like, and run a Tailscale exit node. Put Tailscale on your devices at home (or get a 2nd router that allows you to run Tailscale on it) and join them to the same Tailnet. That’s the easiest way to accomplish this without getting too far into the weeds.