how to run my minecraft server through tunnels
how do I setup tunnels to allow my player to join on ip:25565 and ip:19132
44 Replies
?tunnel-tcp
Cloudflare Tunnels use Cloudflare's proxy, which only supports proxying HTTP Traffic. If you want to use non-http applications over your tunnel, Cloudflare has a few other options:
For a few specific protocols such as SSH, RDP, and SMB, Cloudflare has guides for them here:
https://developers.cloudflare.com/cloudflare-one/applications/non-http/
For Arbitrary TCP like Minecraft, MySQL, and any other tcp application, Cloudflare has a guide here: https://developers.cloudflare.com/cloudflare-one/applications/non-http/arbitrary-tcp/
For Arbitrary UDP like Minecraft Bedrock, SMTP, and any other udp application, you will need to use Private Networking with WARP: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/connect-private-networks/
Please note for all of these except SSH and VNC which can be browser-rendered, you will either need to use cloudflared (Cloudflare's tunnel daemon) on the client machine running in the background or Private Networking with WARP, and have WARP installed on the client machine logged into your Zero Trust Team.
Players will need to install and run some software to connect, either cloudflared or WARP with Private Networking. They cannot simply connect to your hostname/through the tunnel without running software on their PC.
it is running on my server
the issue is that when I put the ip and a subdomain
the tcp connection does not work
I would read my message again
Players need to install and run software, not just the server
players cant do that
is there way to foward it through cname records?
then you can't really use tunnels for what you want. CF has Spectrum (proxying TCP in general) but it's expensive $1/gb and only Pro has it for Minecraft, and there's no integration with Tunnels, would need to port forward/static ip.
so then cname seems like the only option
I just dont know how to do it for 2 seperate ports on the same sub domain
would I need seperate ones?
You can't CNAME down a tunnel, if that's what you're asking
Im not gonna do that
Im gonna have the cname point to my public ip
why do you want two ports? One for bedrock, one for java?
yes
why do you think you need a cname over a normal a record?
oh nvm Im dumb I meant A record
if it's a unproxied dns record, and you have port forwarding/firewall set up right, both ports will just work
no cf ddos protection though
I mean my firewall isnt the best but its up
and port fowarding is on
if you're on a home ISP, you'd just get easily knocked down by pure saturation rather then a more specific attack
but yea it's something
I just dont know how to setup one a record for both ports
is that possible
A records don't care about ports
you just point them towards an IP
they connect IP: port the user/program specified
the only issue is if your firewall/port forwarding are setup for it
they are
is the name tab for a sub domain?
if you just specify the subdomain there, it'll assume/display/auto append your domain name yea
hmmm I cant add the port under ipv4 adress
Right, A records don't care about ports
you don't specify the port there
just the IPv4
so can I use 2 different ports on the same sub or would I need 2 subs?
Same subdomain
When you type
mc.mysite.com into MC, it goes and resolves the A record, and then it tries connecting on the default portbut bedrock dosent use the default port
bedrocks default port is 19132
ok and as long as your server uses that default port/fw/port forwarding/it'd work
if you use a diff one then the default for bedrock the users would need to specify it. Java supports SRV records which can use diff ports, but bedrock doesn't afaik
yea it wont load on bedrock
in the specified port slot I put the port
java is working tho
I have to have proxy off right?
idk where iM going wrong here
port forwarding/fw probably
try connecting to the ip directly
hmmm it works fine on the ip directly
can I enable proxy at all?
if I do need a subdomain to point towards a port how can I do that
no, proxy only supports http
that's interesting though, could be device dns cache if it was ever proxied/pointed at something in the past
it worked on my pc right away but took time on my phone
its really weird
in a wider dns sense, dns does not care about ports at all.
Some specific applications like Minecraft support SRV records which allow specifying a specific port, or CF Proxied Records can be overriden to connect to a specific port for http requests
sounds like local dns cache, each device has one, plus your recursive resolver
well I mananged to setup both the ip and map
but there on seperate subdomains
minecraft.versioncontrol.tech
and map.versioncontrol.tech
one is proxied, one isn't
yea
is there a way to mask the ip of the other one?
of the one directly to your mc server?
yea
the other one is proxied through a tunnel
CF has a product for proxying TCP connections called Spectrum, which supports Minecraft, but you need Pro and it costs $1/gb, it's just really expensive. There are other options for proxying MC through "tunnel" like setups like https://playit.gg/ which I've heard decent things about, never tried myself though. or TCPshield
I wanna hide it but play it gg makes the url really bad
and tcpshield is confusing af
I think tcpshield has bedrock behind paid tier anyway
playit has some paid tier where you can use custom domains I think, maybe worth looking into
I dont wanna pay at all
its monthly
might save up for a better network firewall
can't have everything for free lol, CF is an exception with how big its free tier is, but still fairly limited when it comes to some products
as a highschool student
its really hard to pay monthly for things so If I had a job I would get it but I dont wanna pay for something that I dont profit from enough
ok I found an issue with my config
map stopped working and idk why