Server started out working with the subdomain, but then stopped.
Sorry, i'm learning as i go with server hosting, but i have a home server and a domain. I host a minecraft server for my friends, and i want them to be able to use like a word adress (minecraft.mydomain.uk) and not just my ip adress (static). It starts out working, however soon after stops, and i can only connect via the ip adress plus the port, or the domain plus the port. I have an A record set up in the cloudflare thing, and an SRV record which i think is correct as it worked fine before (_minecraft._tcp.minecraft). any help is appreciated,
thanks
33 Replies
what's the srv record look like?
like this
unproxy
minecraft.dtms.ukso its dns only?
Should be "DNS-only", not "Proxied"
ah aight
Yep
Can't proxy minecraft, http only
and it worked
can you explain why rq
im sorry
ty also
Sure. Cloudflare's Normal Proxy uses a pool of IP Addresses, shared among a ton of sites. How do you know which connection each one is for?
A Basic connection is a tuple like this
(src ip, src port, dst ip, dst port)
src side is all up to the user, dst side is the only identifying side.
The reason how Cloudflare's Proxy works with HTTP is because the HTTP Protocol exposes mechanisms (ServerName Identifider in the TLS side, and HTTP Host on the HTTP side, which are just your site hostname like dtms.uk or minecraft.dtms.uk) for identifying what website each request is for. So it can just handle the http connection because it understands the protocol and resolves who it goes to after.
For Minecraft, Cloudflare doesn't understand the minecraft protocol and there's no nice identifier like ServerName/Host header either the protocol has.
They'd have to assign each user a unique IP to understand which site it was for, which they do have a service for called Cloudflare Spectrum, it's just crazy expensive at $1/gb used
ah right, a little more understood
thanks sm!
mans better than any tech support centre
Actually there is an identifier
on the connection handshake the "hostname" field is sent
Thats how basically every minecraft DDoS protection provider functions
You can have a single ip and 25565 port but forward to different backends by the hostname
oh is there? That's cool, still unlikely CF would ever support that and support proxying Minecraft that way, maybe one day though
I thought they'd just use a ton of IPs
Nono
They do have to for bedrock tho
since raknet only sends hostname on connection and not ping
so server status would get messed up
And i really doubt cloudflare would support minecraft
at least for free
I mean they do via Spectrum it's just $1/gb lol
spectrum kinda does with the "minecraft" protocol but it doesnt really work cuz no Proxyprotocol
Yeah but thats universal tcp
not minecraft-specific
most minecraft services also include L7 for minecraft attacks (Status floods, Handshake floods, Bots, etc)
I thought it's meant to be a proper path.net like packet filter, not handling those type of attacks though yea
Idk, i havent tried much the minecraft field on protocol
they should add proxyprotocol to it so it could be useful
im not sure if its actually handshake validation and not just pre-configured variables
even on Enterprise if you pick Minecraft you don't have the proxy protocol options
Yes i know
Also path's filter is kind of a joke
they dont do full handshake verification
its only "oh this first packet looks like a minecraft packet... lets whitelist the entire connection"
it might just be a preset to allow non-ent people to use it and not a proper filter, there's not much info on it out there
yeah i think its this
Wait actually lemme try it
Just a preset
rip, well thanks for testing, now we know
Why do they make it use ipv6 tho
i dont think minecraft's network stack can even connect to v6 addresses
Do you think the SSH/RDP "filters" are also like that? I mean i know HTTP(S) is indeed L7 (basically running cf dns but on whatever edge/backend port u want) so idk
likely because they're also items that lower plans can pick
https is special because it's just the normal cdn
I dont think RDP is supported for lower plans
Cloudflare Docs
Protocols per plan · Cloudflare Spectrum docs
On this table, you have information about which protocols are available per plan.
yeah
js looked
so they js presets
im not about to learn SSH/RDP protocol to test it out but assuming minecraft its a preset lets say they all are
Minecraft was the one I had the most hope for because they have/had MC Hosts like Hypixel using Spectrum/mt at one point, and they advertised it specifically
Yeah same
Hypixel still uses both tho
they mainly use MT and switch to spectrum when under attack
but the spectrum ip is still public
i use it to get better ping lmao