What would be the best setup for my situation?
Right now I own a proxmox server, and a custom domain name (through cloudflare), and am able to buy a VPS if necesary. My goal is to run a whitelisted but public server (so that no one needs to download a client, though they can download minecraft mods if any of you know how to use modflared, but I can't port forward. What do I do?
tl;dr:
- i have custom domain name
- i have server
- need to host publicly-ish without port forwarding
- can buy VPS if required
97 Replies
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close
!close
!solved
!answered
Requested by maxbuddyroo#0
You can get a VPS from OVH to port forward from there via WireGuard or HAProxy with Gate Lite
You won't forward on the actual Proxmox machine, instead traffic will be forwarded to your main machine from OVH
They have very good Anti-DDoS infastructure too
@MaxBuddyRoo
is there a tutorial on how to do that somewhere?
and why OVH and not other VPS services?
and why OVH and not other VPS services?1- They have a very good deal right now, a 2 GB 1 Core server for 97 cents per month 2- Their support is good 3- Their Anti-DDoS infrastructure is one of the best. Most major providers use OVH as their pops, because they are very reliable. I was able to mitigate many large attacks with OVH just fine, and I never had issues.
A bit old screenshot
sounds good, what are the steps on how to do what you mentioned in your first message?
https://gist.github.com/adog1314/97bf494d74f56bfff51da9bb4bff8ed0
https://superuser.com/questions/1777082/using-vps-to-give-public-ip-to-on-home-network/1777106?noredirect=1#comment2772486_1777106
This should work, I'm pretty sure. Just do for port 25565. You may need additional changes if you want to forward the IPs, though, just say here and I'll help you out.
so basically the VPS connects to my home server through wireguard, and then just port forwards itself so my own ip isnt exposed?
Yes
Your main IP will not be exposed, and you'll have the full Anti-DDoS infrastructure of OVH on your home server
wait how do i connect the domain name
wdym
A record to the VPS IP
I recommend Hetzner
OVH has decent specs for what they are, but with how oversold they are. The only way I could ever recommend OVH is if you were to buy a dedi, or if you found a reseller willing to set you up a VDS.
Hetzner has amazing performance, and is very cheap. You can get a 2 core dedicated AMD EPYC 7000 series CPU for about 11 euros.
I was using SparkedHost for a while, but with how hard they oversell even a player simply joining my server made the CPU skyrocket.
Ever since I switched to the VDS's to Hetzner I've had no real issue.
If you do not want to go to hetzner for what ever reason, find a host willing to offer a dedicated CPU
if you’re in the EU* and don’t mind the bad ddos prot*
vps have US, SG, and EU locations
only SG has different pricing
mmm
didn't realise
um, they have USA locations?
and i suggest using their VDS's
um?
their dedis are only EU tho
yeah
as I said, didn’t realise
i forgive u
also
out of interest
what server host do you represent
They're more expensive + don't have DDoS prot
+ worse networking, too
I disagree.
It's fine, you can't always have the correct opinion
They're dedi's and server auction has one of the best prices, i do agree with you on their ddos protection. But if you use something like TCPShield or NeoProtect then that no longer becomes an issue.
sir the whole point is that they're going to spend very little money
Almost all of these MC server sellers are heavily overselling their hardware
and not have to fuck with external ddos prot
he's hosting at home...
OVH is used as a proxy
i SUGGESTED, hetzner if he were to purchase a vps
yes, and he should buy OVH an OVH VPS because they have good networking and ddos prot
they aren't going to host the server from the VPS
their hardware is not as good
VPS will be used as a PROXY
as OVH heavily oversells as well
proxy to FORWARD traffic
It's a PROXY
thats still relying on external ddos protection....
no???
at that point, setup TCPShield. They have firewalls specifcally for minecraft
OVH has its own
????????????
yeah, not configured
OVH has java protection built in
I don't get what your point is. OVH will be used as a proxy, and it's perfect for that because of DDoS protection and good networking
and TCPShield is free, takes seconds to setup, can be used on his own hardware, and is specfically built for minecraft.
And it's less than a dollar for month
He can't port forward.
i simply suggested a VPS provider.
the whole point is that they can't port forward my man
yes, which is why i suggested a VPS.
im not understanding what your issue with that is
he doesn't want to host the server on the VPS
he already has one
the VPS is for a proxy???
You can host it on a 500mb 0.5 core server as long as it has good networking
all of those issues can be fixed by simply buying a $11 vps from hetzner, or what ever provider he chooses. I gave my recommendation for a VPS if he wants to buy one which he said hes willing to do
so, ur fighting with me over absolutely nothing...
what host do you even own
I'm curious
you have the hosting role
thats not relevant to this
what host do you own either way
do you even own one
its not important
it's important, because the role is only for those that own one
i gave my suggestion and youre livid over it
How can you be sure the "11EUR Hetzner VPS" is better than what he already has?
how do you know the server @ home isn't running on a 5950x lmao
why would you migrate everything to a VPS that has worse performance
when you can buy a server for less than a dollar and use wireguard to proxy it home
Im not sure what he has at home, but the reason i suggest hetzner is because their VDS's are really nice. And their routing is amazing, i actually connect to my server faster connecting directly to my hetzner's IP, and I have a few different proxies setup, one with TCPShield, one with CosmicGuard, and another one that im not going to mention. Soon im going to setup NeoProtect and see how they are, i may only use them for my bedrock players
The routing will be different for everyone as maybe my ISP has good routing with hetzner's servers and some others may not
and can you please remove your hosting role if you don't own a legally registered company
i will not be removing the role
i do own a hosting serivce, its not very popular like OVH or SparkedHost or pebblehosting or something like that
staff will, so feel free not to
¯\_(ツ)_/¯
right now im waiting for the new 9950x to drop next week
but i may not even get that one
for a server at least.
sure, if they want me to remove the role i will
i really dont know why you are so emotional right now, all i was doing was giving him a suggestion
giving him a suggestionThat doesn't help at all and isn't related...
it will help
theres many options they can go with, i gave them one of them, one i think would be good
@Jenkins Man can you please just not be like this? :husk:
...
Just... man...
what's wrong
Try not to be a needless asshole. Rich coming from me, I know, but if anyone can spot when you're being a needless asshole it would be me.
It's a worse solution for like 11 times the price he'd normally pay...
And it goes up even more if you actually want a good VPS
Amazing, but try not to be a needless asshat about it.
Their VDS's are only 11 euros a month
maybe some providers have better prices in here? i havent taken much of a look at them
Honestly I wouldn't use OVH. While their DDOS prot is technically good, in execution it's shit to actually use. For a small server I'd sooner just TCPShield or NeoProtect free it.
Exactly!
Thats all I was trying to say lol
Like not only at that stage do I get DDOT prot, but I get edge routing.
But I should take an OVH system because...? Reasons ig?
OVH has it's place, but this isn't it imo.
i wish minecraft was UDP
UDP > TCP
I don't hate it being TCP, tbh.
I'm not sure how any other solution will work here
All the server will run is WireGuard
For tunneling home
I know, I did read it.
That'd cause so many issues
Oh for sure.
like what
So much shit would break overnight.
Minecraft Java wasn't meant to be a UDP game ever
But Jenkins.
Imagine if it was.
UDP on top lol
I love QUIC
Server Authoritative Movement 🤤
That'd be the fuckin' dream...
Only if done correctly
Spoiler: it sucks on Bedrock so much that it's unusable
Average Mojang moment.
Lmao
Eventually, I will co locate with a datacenter near me.
Although Im having a hard time deciding if I want to co locate with Path or Cosmic
Probably cosmic.
Path ewww
Both kinda suck as DDOS prot. NeoProtect is based though.
Path has AMAZING ddos protection, they've patched A LOT of attacks
But, their just a shitty company
Cosmic has nice routing, DDoS protection is okay
Eeeh. Their history has been dropping like nuts recently.
Bad reputation these days.
For my MC server customers I could offer TCPShield or NeoProtect, but for other things I will be hosting it will be nice to have either path or cosmic
Path has always been a bad company, marshal is a interesting person lol
One issue I will have, is if my servers receive a lot of DDoS attacks path will drop me and most likely charge me
speed wise not really
its 20 gbit every region except singapore
getting sued for unpaid bills, and loosing over a tb of bandwidth is a real issue
yup
owners are also known DDoSers and extorters, their staff are also DDoSers.
Lmao, im surprised you know about this site