1. Forum
  2. fsxNet
  3. FSX GEN

  • Cloudflare tunnel (was: Google Discontinues ...)

    From Oli@21:3/102 to Weatherman on Wed Feb 2 10:51:04 2022
    Weatherman wrote (2022-01-31):

    I really want to test out Cloudflare's tunnel service (which is free).
    You can get around carrier-grade NATs or anything and still host services directly on the Internet in the Cloudflare network.

    You run the client on the particular system, set it up to allow a particular service or the entire host itself, setup a CNAME to point to
    the tunnel ID in Cloudflare - and boom! You have your service directly
    on the Internet bypassing all the ISP blocks, carrier grade-NATs, etc.
    No need for a static IP or even a public IP. No opening ports on your
    home firewall, port forwards, or anything. Just really cool!

    AFAIK this only works for HTTP(S) connections, no SSH, no Telnet or Binkp. The problem is that you domain is pointing to shared IP addresses. With HTTP and TLS the domain name is transmitted by the client, but cloudflare cannot proxy a plain TCP connection to the right destination.

    Of course you can tunnel through websocks or use the cloudflared client to connect to your server. But that involves some manual configuration on the client (caller) side.

    https://developers.cloudflare.com/fundamentals/get-started/network-ports

    Maybe it is possible with some paid plan. Cloudflare offers more and more services. It starts to get overhelming. First they offered proxy and DNS services, now we have tunnels and VPN, Teams, "serverless" workers, storage, Email, ... and the web interface gets more and more crowded. Reminds me of Google a couple of years ago.

    ---
    * Origin: Birds aren't real (21:3/102)
  • From Weatherman@21:1/132 to Oli on Thu Feb 3 20:37:34 2022

    AFAIK this only works for HTTP(S) connections, no SSH, no Telnet or Binkp. The problem is that you domain is pointing to shared IP addresses. With
    HTTP and TLS the domain name is transmitted by the client, but cloudflare cannot proxy a plain TCP connection to the right destination.

    For NextCloud, that should be fine. I only need https for this particular setup. I thought you could configure certain ports via tunnel or the entire host's IP (all ports). I have not experimented yet, but the entire thing sounded very interesting to me.

    Maybe it is possible with some paid plan. Cloudflare offers more and more services. It starts to get overhelming. First they offered proxy and DNS services, now we have tunnels and VPN, Teams, "serverless" workers,
    storage, Email, ... and the web interface gets more and more crowded. Reminds me of Google a couple of years ago.

    Yes, they started with DNS and reverse proxy. They have so many more offerings now and keep adding to their portfolio. They are very innovative and I truly hope they end up one day competing head to head with Amazon.

    - Mark
       
    --- WWIVToss v.1.52
    * Origin: http://www.weather-station.org * Bel Air, MD -USA (21:1/132.0)