route subdomain to another subdomain, with a twist
so basically, I wanted to use ZT/CF tunnels for my minecraft server, but it seems impossible to do because of how TCP sockets are handled. i do know there is a free solution for minecraft port forwarding through the launcher "feather" which gives you three free subdomains on their own site which you can enter into minecraft to join the server
every minecraft server uses port 25565 by default, and of course you can't have multiple servers on the same port, but you also don't end up having to enter a port. so the only way it could possibly be hosting different minecraft servers without having to enter a port is by doing some domain name tricks to route based on the entered subdomain rather than the actual IP address or port.
what i want to do is configure the cloudflare DNS to route a subdomain on my own website to one of feather's subdomains. i'm not sure how to do this, a CNAME record doesn't seem to work.
220 Replies
i don't know whether this would be a DNS or a Rules thing to rewrite requests not only from one subdomain of my own to a subdomain of another website, but also somehow keep the info needed so that this website knows what subdomain we're looking for as opposed to just routing to the IP of the entire feather site
So you want use your own domain to share your server which is hosted by feather client am I right?
yes
i may have figured it out
it looks like you have to do an A record to their IP and then a SRV record
but i’m not sure that actually worked so if you have an idea lmk
heres the kicker tho
my setup works but it won't query
so logo, MOTD, connection bar won't show
if they give you an A record for your minecraft server, you can use that to create a srv record on your own domain. If they give you srv address then you can use something like "https://mcsrvstat.us/" to bind that address and get its ip and port. Then use that ip to create A record, and if the port is not 25565 use that A record to create SRV record so the players won't need to type port after typing your domain name.
-
If they gave you srv address then theres gonna be an A record connected to that address so you can use that instead of creating an A record
If you type something, and I don't see it you can ping me.
same to you. in fact let me change my nickname because i forgot
they dont
Btw you can send me your address, no need to hide it. That way if you can not find if it's either a srv record or an A record I can help you find it
its kinda just a set it and leave it kinda thing
the address is the same for all subdomains
yes, but I need an example to see if they give A record or srv record
It can be other peoples address too but I don't know if they have any example.feathermc.gg or not
its .feathermc.gg
ok sure
so try example.feathermc.gg
okay
Well they don't have that address, but looking at the old results it was using an A record which means you can use that to create a SRV record.
Create SRV record on cloudflare, type 25565 to the port, and type the address they gave to you to the address field.
yea thats what i did
here
it works but MOTD and ping wont display in server list
top is the cloudflare domain, bottom is the direct connect, both log into the same server and connect
can you connect from the ip address and not domain? (xx.xx.xx.xx)
nah
'disconnected'
i think they probably check the domain and route it when the request is made
ive seen this on many servers
yeah
they might have blocked direct connections
or used domain to proxy from their servers and not ip address
indirectly blocked direct connections, its just because
yeah
its just because theres no subdomain specified so it doesnt know what to do
otherwise ppl could do what they do on ngrok and it'd be anarchy
which is just enter random ports and grief everything
like a rite of passage for free server owners
I use playit (same thing as ngrok), I don't have any problem connecting my domain to it but it has a lot of ping
you can also use cloudflare zero trust tunnels
we are alike
ive tried playit but it was super slow and didnt let my friends connect half the time
and i actually was using ZT tunnels (my apologies for not including this in the OP i was in a rush) but no one likes dealing with cloudflared because its my small friend group and they dont really understand
would using the IP address as an A record alongside the cname and srv work
or can you just not have CNAME+A
probably you already added some ip addresses that point to your domain address
yeah its the cname
i dont think it works without the cname i'll try tho. it takes like 15+min for the update to propagate (and thats after i set my dns from auto to 1.1.1.1 1.0.0.1 today)
i mean if the SRV is what does it and not the CNAME then maybe its OK
Well I think either way they block direct access or using proxy on their domain to connect to the ip address, you still can not use the ip address itself
definitely
because they can't know where we wanna go with just an IP
they need the subdomain included in that request
Not being able to port forward makes such a mess
yeah
its not my internet im sharing with a relative
knowingly/legally ofc
but its still not mine
You can try just connecting your pc to cloudflare zero trust tunnels and port forward through there. The ping is gonna be ~300ms but your friends are gonna be able to play without downloading, installing or doing anything
you need cloudflared
i used zero trust tunnels, you need to open a tunnel thru cloudflared
i heard theres another thing but it costs money
the thing is i'm coming to a self hosted setup for the first time in genuine years after having to deal with VPSes with like, 3gb for $7/mo and i just can't do that. i have a computer here with 40GB of ram, enough to run 3 minecraft servers if i wanted to, and i wanna use that.
my goal is to pay significantly less than that price and get a better outcome. really just getting everything accessible is my only last hurdle
Well you are gonna download that to your computer only, your friends are gonna be able to join anyways (I don't know if they need to set dns to 1.1.1.1 and 1.0.0.1 but they don't need to download cloudflared)
oh i'm totally fine with downloading cloudflared, i've actually recently swapped over to a proxmox based setup and i've even set up a firewall, and then a vm in proxmox for cloudflared only
the issue is they all have to download modflared
"and of course you can't have multiple servers on the same port"
You can tho
which means go through the launcher go through fabric go through installing the mod
and then we have certificate issues because the mod is bugged
not on the same ip address
well java is
well yes, but this is a technicality. you can't have multiple servers on the same port, but you can have one server on the same port that redirects to another server depending on what subdomain you're using
Yes
same ip address same port
oh so its modded server
it isn't, check out modflared
basically it runs cloudflared for you
its a client side mod
its really interesting but its buggy
if you host servers too you might like it
hmm java wouldn't allow that so that's why I'm thinking like that, but anyways im not sure if that's possible
Bro
look at my bio
im telling u
u can run thousands of servers in the same port and same ip
ddos protection?
How u think we do reverse proxies so cheap
oh are you talking about bungee or whatever its called
nono
In local addresses that's possible, but it's gonna be forwarded to same ip address again. And if we look at the basic modem's interfaces we can see it doesn't allow two pc's to get same ports when forwarding
alright
look
i actually played with this a lot
ddos protection which multiplexes servers on the same port uses the subdomain you request to route
We obviously use a fully custom made + L7 checks reverse proxy but here is a free one that does basically the same thing im telling you about:
https://github.com/lhridder/infrared
Minecraft reverse proxy with L7 protection in Go. Contribute to lhridder/infrared development by creating an account on GitHub.
let me see
(Dont trust the "L7 protection" of that proxy, 1000+ c/s and it will die no matter if you have 2x intel gold)
but i assume its a friends smp so yeah
yeah this uses the domain name
it is
this uses the domain name to decide where to route
well that's possible yeah
thats what i think they do
Yup
we lookup on new connections, on the handshake packet we receive the hostname so we can lookup the database and forward to different backends depending on the hostname
Hmm thanks for the information, there's playits plugin too for minecraft servers. But why don't you use normal cloudflared?
you mean why don’t i have them just run cloudflared instead of doing it through a mod?
think of it this way. the only other person in my friend group who hosts servers needed like a half hour voice chat with me to get the right java version set up. they aren’t great with the terminal
no, if you download cloudflared on your pc and run your server through it, they don't need to install cloudflared too. The server is gonna be public to everyone that has your domain
oh
it won’t work without cloudflared i’m telling ya
google it
I tried it :d
they do some evil wizardry (joke) with tcp which makes it not work
fr?
They need to install it
do you have WARP?
otherwise Spectrum would be useless and no one would pay the thousands it costs lol
well I don't have cloudflare domain but in the quick tunnels they didn't download that
no because it connects me to far servers :d
get warp+
can warp port forward?
because I didn't find something like that in it
but if it can then I am gonna use it
that’s what it’s called i forgot
what da heck
what are your settings
i <3 spectrum
i would use it but $$$$
I only set the dns to 1.1.1.1 and 1.0.0.1 that's it
😍
ok.
lol i deal with 100ms on overwatch on good days
with 300ms spikes
that’s why i have my server in another place with better internet
🤔
oh I thought my ping was bad :d
jsjsjs trust me if it’s under 100 you have it good. rural internet is abysmal
well depends to where
100ms to cloudflare is crazy
im talking about a game
try pinging an enterprise website
cloudflare i think is 50 maybe i forgot
those get network priority ^^
to enterprise network or normal
1.1.1.1
I get 1-2ms when cloudflare is on at our area, but if it's not then it becomes 70-80 ping
But the problem is all of the playit, ngrok and everything is in Frankfurt and I am far far away from there :d
1-2?????
my school had 1 ping on fortnite
they prolly had direct connection to AWS through their business ISP lmao
that’s the only time i’ve seen single digits
i get very low ping in fortnite
Well the problem is most of the time cloudflare doesn't work on this area idk why
normally i get 50ms to dallas
i get 20-30ms to fortnite
how? idfk
It does
but for enterprise customers
it’s actually hilarious dude 1ms at school
traffic is expensive so they dont feel like giving everyone access to your pop
literally like
.
.
maybe they’re next to the servers or something
It just shuts down, and when I look at cloudflarestatus.com it shows re-routed
10ms on enterprise vs 50ms on public
Ohhh
yeah that
I never played fortnite so idk :d
is there something like playit or ngrok in bucharest? I'm asking because Frankfurt is so far away
bucharest is far too but idk
its ping is a little bit better than Frankfurt
bucharest
nah your kinda done
Why every server owners choose frankfurt ☠️
Cloudflare is fine there
Cheap
And heart of europe
you host frankfurt = 10-20ms avg for most eu players
So u get more players
if you host bucharest you only have low latency for bucharest locals
no players
no money
but yah if spectrum was cheap for one port i’d do it because i need 1-3 max. actually two max if i wanted a website and minecraft because i could just use a rule for redirecting 80->443
yeah but I live in Azerbaijan and it's rerouted like 60% of the time, and when it's not rerouted, it gives 300ping through quick tunnels anyways
but i can’t afford $5/mo
why would u proxy websites through spectrum
wait*
ok… brain broken
i only need one port
no network priority prob
:d
u right it rerouted
go on speed.cloudflare.com
where is it routing u?
yeah and I hope cloudflare makes something that we can choose servers
no
thats not how anycast works
okay let me try
any cast ?
da heck
Cloudflare anycasts
Same ip range is announced on multiple locations
thats why they can have weird ass pops no one wants
:o
pops?
the pop may only have a 1gbps port
i have much to learn
much
Points of Presence
(Locations)
o so like individual servers
yeah
Which would not handle very much ddos
but since they anycast
only local country traffic goes to that pop
so they can have a lot of capacity in new york, frankfurt, etc... places where there are a lot of infected devices
so most attack traffic is directed to where they have the capacity
and small countries are fine since attacks wont reach the capacity
if they allowed choosing locations it would be very hard to implement as they would need a special ip range per location with routing tuned to route as most traffic as possible to that location
or do unicast which is terrible since people could just deploy an unicast ip and take down the specific PoP
This test is based on 5GHz connection.
what the actual f
not ferrible by my adds
not terrible by my standards
70ms from Asia to Sweden is crazy tho
well when I ping asian servers it gives 300ping
duh
its going to stockholm and back to asia
europa is better than asia in this situation
argh how much is spectrum for one port
$5/mo?
lol
maybe through a reseller
yeah that’s not gonna work
Spectrum is $25 or $200/m on Pro/Biz plans
i’m gonna have to bite the bullet and not use my domain
but thats not really useful is more of a trial as u dont get custom protocols or IP Forwarding
u can use ur domain w resellers lol
Js cname
🤣
well i don’t think you saw my whole situation
if u want forwarding and stuff u gotta get enterprise and yeah
my isp offers 5 (our country money) for one port I think
if u are talking about $5 i doubt u can afford adding 3 zeros to it
basically i have a server that was going through zero trust but no one wants to download modflared
duh
or cloudflared or what have you
is it mc?
ye that’s why it’s modflared
it’s a nod
u can get a mc specific ddos protection service
mod
i dont really know any for $5
but u can find one
all it will do is hide the ip as i dont trust a $5 service having competent antiddos but yeah
Can you try quick tunnels? That worked for me, I didn't try it on the domain itself so that can be the reason why it worked for me without clients downloading it
what’s that ? different from zero trust?
idk :d
Im saying that because I didn't download it on the second pc when trying
let me show you
these
i use these
yes I know
Automatically connects you to a Cloudflare tunnel without having to install cloudflared separately. - HttpRafa/modflared
are you sure you didn't need a mod or anything?
who else played?
I only have one friend so that was that :d
you only have one friend?
oh ok
btw you can try buying vps and open two ports (one for vpn service one for minecraft server) and connect to that vps as vpn connection using softether, and host your minecraft server
that way
best one is prob $2/mo
you dont need to buy expensive vps
at that point im basically paying for an IP LMFOAOO
yeah :d
or just run the mc proxy on that vps
yeah but idk how to do that, if you know can you tell me :d
i feel like this couldve been a good business to have
like
$1/mo single port forward
thats what play it is tho
so nvm
just slow
cd /MCProxy
screen -S Proxy ./proxy
for ISPs?
sure good business
for everyone else no
nah thats just port forwarding
wdym by port forward
nvm i just reinvented ngrok
you do realize bandwidth isnt free right?
im tired i didnt have a great day
ignore that
$1 for 10gb of port forward
that could work maybe
but it would run out quick
yeah
I have another problem, I bought a vps for minecraft hosting, but the problem is that it has a lot of ping so idk if I can forward that to somewhere and reroute it from there for people to connect to it
if it has a lot of ping forget it cause it’s gonna be whatever the highest ping is plus something
thats called spectrum w argo smart routing
i mean it could be decrease but depends
well it doesnt have high ping to one city only and that one city have great ping so idk how to do that
for example if i connect to my VPN which is in a dc my isp peers with i get like 20ms to the vpn and the vpn as it has T1 carriers gets like 50ms to new york
if i connect to new york directly i get 80ms
so
50 +20ms = 70ms
oh i see what you mean
10ms reduced, not much but yk
kinda
I'm trying to lower 120 ping to 40+15=55 ping with this :d
buy a server in that city
hmm worth a try
I just found out that my isp is not limiting my bandwidth, I thought the cloudflare speedtest breaks limit to show that but it was actually not limited :d
so do we have no choice here but to deal with no MOTD?
really i just wanna know why we don’t get one but the server is functional
No?
what then if i wanna stay free
free ddos protection service?
for minecraft?
it’s not ddos protection i just wanna use my domain without port forwarding
btw where is your location?
just asking out of curiosity
the west
north america
oh
ohhhh
port forward and firewall
scary!!!!
i don’t wanna hand out my ip addr
proxy it....
plus it’s not my internet remember
wdym proxy it
Protected Proxy -> Your IP port forwarded
what proxy?
Idk
Any
TCPShield has a free plan i think
o
i just liked cloudflare tunnels because you didn’t have to use one IP for a bunch of different servers and then ppl could port scan and grief
leaves you much more open to exploits
Cloudflare is now operational in my country but it's still connecting to Stockholm in speed.cloudflare.com
Do you know how can I fix it?
idk what i did but i changed smth and changed it back and now its not working
i ruined it
Enterprise network
how much is that
$5,000+
._.
Why cloudflare doesnt connect me to nearest server
if its not gonna connect me to that server then why there is a cloudflare server located in like everywhere
cuz its expensive and they wont do it for free products
For enterprise customers
if you go to an enterprise ip im 99% sure it will connect you to that server
Is there anything like ngrok but in australia?
not for free
stuff isnt free
australia is one of the most expensive server locs
I wish my country had vps hosting :d
It does you just dont pay enough
well I am paying for port forwarding, if it's expensive than isp port forward price, then that's useless for me. Some countries has so cheap vps hosting like 0.5$ a month but their ping is bad :d
Lmao isp charging for port forward
and I think it gives only one ip
i thought all isp charge for a public IP. i wouldn’t know i don’t have one
It depends some do other not. The bad thing about it, almost all ISP's don't like it if you use much Upload. Because upload costs them a lot of money as far as I know
Make no sense but ok
It js
I've got 1g down but only 400 up