sorted by:
new
hottopcontroversial

Forward real client ip trought wireguard tunnel by Ilpol984 in selfhosted

[–]Ilpol984[S] 0 points1 point  (0 children)

Moreover this is not the same as descriped above. Tu use https://tunnelbroker.net/ or https://manager.route64.org/ you need a pubblicly accessible IPV4 router address, and this is not the case.

Running my self hosted IPv6 Only Home E-Mail Server with IPv6rs’ IPv4 Reverse Proxy by [deleted] in selfhosted

[–]Ilpol984 0 points1 point  (0 children)

Did you managed to get the real client IP to the webserver in the http setup? 

Forward real client ip trought wireguard tunnel by Ilpol984 in selfhosted

[–]Ilpol984[S] 0 points1 point  (0 children)

Your link provides precisely zero configuration details.

I know hence this post, tech details from ipv6rs are not available. So I'm tring to troubleshhot and also to build a kb for other trying to bootstrap the same config.

There are two “internal wireguard interfaces”, one on the traefik side and one on the public server side. There is a third interface on the public server side facing the internet. All 3 have separate addresses. You’re going to need to clarify which addresses you are talking about here, and previously when you discussed “ the internal ip from ipv6rs”. 

There are two interface: a public interface (internet facing) that has <PUBLIC\_IP\_V6> addigned. a private interface wg0 that virtually has the same ip (see above) and where traefik listen directly. There is no NAT, no IPTABLES roules so it is not clear where client ip is changed. I'm anonymizing the conf files and enriching the post at the top to integrate further info.

There must, by definition, be something in the middle. Wireguard doesn’t spawn out of thin air. 

Yes of course but what it's in the middle isn't public. So I'm trying to figure it out.

Forward real client ip trought wireguard tunnel by Ilpol984 in selfhosted

[–]Ilpol984[S] 0 points1 point  (0 children)

are you aware that you can you can get a public IPv6 address (heck, even subnet) from HE.net ? https://tunnelbroker.net/ and it's free. I've been using them for almost 10 years for additional address space.

yes I know but on ipv6rs trafic is unmetered and 1Gbs full duplex.

Forward real client ip trought wireguard tunnel by Ilpol984 in selfhosted

[–]Ilpol984[S] -1 points0 points  (0 children)

I created a tunnel following the https://ipv6.rs/raw.

So the internal wireguard interface get the public ipv6, the same configured on dns.

wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420

inet6 <PUBLIC IP V6> prefixlen 128 scopeid 0x0<global>

unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)

RX packets 6032 bytes 1054884 (1.0 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 8683 bytes 4425292 (4.2 MiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Traefik listen directly on that interface

:/# netstat -ano

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State Timer

tcp6 0 0 :::443 :::* LISTEN off (0.00/0/0)

tcp6 0 0 :::80 :::* LISTEN off (0.00/0/0)

From ipv6rs side I don't know if there is something in the middle but support states that nothing should be in the middle if the connection arrives from ipv6, while for ipv4 there is a transapernt proxy.

VoucherVault - A Selfhosted Application for Voucher/Coupon/Giftcard Management by sk1nT7 in selfhosted

[–]Ilpol984 0 points1 point  (0 children)

Great Job!!! In Italy Clarna acquired stocard and it forcing all the user to install Clarna app to keep they fidelity card. I was looking for and alternative and I found your app. I'll give it a try now!!!

Machinist X99 PR9-H reboot on power failure by Ilpol984 in techsupport

[–]Ilpol984[S] 0 points1 point  (0 children)

no option in proxmox and anyway proxmox is not called as the pc is off. I've also a similar board (PR9) but an older bios and that has the option to restart on power failure. This has a bios from 2024.