1·
3 days agoThank you, that’s really solid advice. It turns out my efforts may have been misguided anyway. I think I was under the impression that “internet exposure” and “Cloudflare tunnel” had similar setups
- 4 Posts
- 59 Comments
Joined 2 years ago
Cake day: August 6th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I thought my VPN didn’t, but they continue to disappoint me. According to the internet, my VPN is using CGNAT
See, this just shows how much I need to learn…I thought what I was trying to set up *was *the same thing as a “Cloudflare tunnel.” Honestly, don’t care how it gets implemented, I just assumed this was the easy way because that’s what all the youtubers were suggesting. My end goal here is “I’m on my phone 100 miles away from home, open Jellyfin/Nextcloud/whatever, use domain.actually.works” without needing to disable my Proton/Air/Mullvad connection.
But I’ve followed 4 or 5 “you won’t believe how easy Nginx is” tutorials, and they’re not working for me…
Ok, this is an extensive answer (thank you), but also a lot to unpack. Before I go making a bridge network, I wanna make sure I’m following you. I’m pretty inexperienced with self-hosting in general outside of Docker, but I’m especially a novice with anything networking so pardon my ignorance here.
Yes, Jellyfin is accessible locally. Performance is the best I’ve ever seen it too. I uninstalled Tailscale on my Ubuntu server (it was causing networking issues, frankly I didn’t understand how) and removed it from my tailnet dashboard, but Jellyfin is still remotely accessible via Tailscale (which is fine, I guess).
At this point, my users and I are trying to avoid Tailscale on mobile devices when possible. Two reasons: 1. prevents maintaining regular VPN usage (deal breaker for a couple people) 2. switching between home wifi and mobile drops connectivity, required turning networking off and on again (deal breaker for me, I got spoiled by Synology’s reverse proxy and can’t go back)
From what I can tell, there’s no CGNAT trickery at play (actually the internet says otherwise). My DNS is a local Pihole+Unbound, in case that matters. The Ubuntu IP is static. Were you requesting the yaml of Jellyfin or Nginx?
And I believe I was hoping to set up a “Cloudflare tunnel.” I think I was under the impression that this “tunnel” *is *a reverse proxy.
1·3 days agobr-04577e8d1ec8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.27.0.1 netmask 255.255.0.0 broadcast 172.27.255.255 inet6 fe80::f43a:6cff:fe6e:6f74 prefixlen 64 scopeid 0x20<link> ether f6:3a:6c:6e:6f:74 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-059b78f628b4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.25.0.1 netmask 255.255.0.0 broadcast 172.25.255.255 inet6 fe80::18:abff:fee0:3eb3 prefixlen 64 scopeid 0x20<link> ether 02:18:ab:e0:3e:b3 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-0a5f3a65b300: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.19.0.1 netmask 255.255.0.0 broadcast 172.19.255.255 inet6 fe80::e00e:50ff:fe65:836 prefixlen 64 scopeid 0x20<link> ether e2:0e:50:65:08:36 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-1945efd955e7: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.26.0.1 netmask 255.255.0.0 broadcast 172.26.255.255 inet6 fe80::8c68:a5ff:fe3a:9873 prefixlen 64 scopeid 0x20<link> ether 8e:68:a5:3a:98:73 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-3d620c7c2cae: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.22.0.1 netmask 255.255.0.0 broadcast 172.22.255.255 inet6 fe80::c2b:66ff:fe94:2b49 prefixlen 64 scopeid 0x20<link> ether 0e:2b:66:94:2b:49 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-460d6535b2c5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.24.0.1 netmask 255.255.0.0 broadcast 172.24.255.255 inet6 fe80::642c:cfff:fe44:dbdc prefixlen 64 scopeid 0x20<link> ether 66:2c:cf:44:db:dc txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-475a728d1c35: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.23.0.1 netmask 255.255.0.0 broadcast 172.23.255.255 inet6 fe80::ccd2:f8ff:fe28:3421 prefixlen 64 scopeid 0x20<link> ether ce:d2:f8:28:34:21 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-4f0e4b158e77: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.20.0.1 netmask 255.255.0.0 broadcast 172.20.255.255 ether 6a:b9:50:03:81:49 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-523dfe276b24: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.29.0.1 netmask 255.255.0.0 broadcast 172.29.255.255 inet6 fe80::c489:10ff:fe7d:c60b prefixlen 64 scopeid 0x20<link> ether c6:89:10:7d:c6:0b txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-57763f5382b6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.28.0.1 netmask 255.255.0.0 broadcast 172.28.255.255 inet6 fe80::74a5:7ff:fe65:c6ef prefixlen 64 scopeid 0x20<link> ether 76:a5:07:65:c6:ef txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-598a0f745a98: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::c66:3aff:feb9:911e prefixlen 64 scopeid 0x20<link> ether 0e:66:3a:b9:91:1e txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-ab783b77c95c: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.31.0.1 netmask 255.255.0.0 broadcast 172.31.255.255 inet6 fe80::649f:6bff:fe13:2fe8 prefixlen 64 scopeid 0x20<link> ether 66:9f:6b:13:2f:e8 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-bef45e98255d: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.21.0.1 netmask 255.255.0.0 broadcast 172.21.255.255 inet6 fe80::cc5f:6bff:fe87:b447 prefixlen 64 scopeid 0x20<link> ether ce:5f:6b:87:b4:47 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-f48ae7f54dbb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.30.0.1 netmask 255.255.0.0 broadcast 172.30.255.255 inet6 fe80::d437:84ff:feb2:ca4a prefixlen 64 scopeid 0x20<link> ether d6:37:84:b2:ca:4a txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 inet6 fe80::cc6:caff:fe43:79a9 prefixlen 64 scopeid 0x20<link> ether 0e:c6:ca:43:79:a9 txqueuelen 0 (Ethernet) RX packets 1783 bytes 1910011 (1.9 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1922 bytes 351712 (351.7 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.0.44 netmask 255.255.255.0 broadcast 192.168.0.255 inet6 fe80::9e6b:ff:fea5:51f prefixlen 64 scopeid 0x20<link> ether 9c:6b:00:a5:05:1f txqueuelen 1000 (Ethernet) RX packets 4387465737 bytes 6336735875164 (6.3 TB) RX errors 0 dropped 8 overruns 0 frame 0 TX packets 754588388 bytes 573935751223 (573.9 GB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 127840 bytes 10957792 (10.9 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 127840 bytes 10957792 (10.9 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth0775369: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::cc3c:2cff:fe9c:5db0 prefixlen 64 scopeid 0x20<link> ether ce:3c:2c:9c:5d:b0 txqueuelen 0 (Ethernet) RX packets 221480 bytes 212832018 (212.8 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 254661 bytes 202198400 (202.1 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth0c0ea06: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::38e3:cfff:fe9d:bb11 prefixlen 64 scopeid 0x20<link> ether 3a:e3:cf:9d:bb:11 txqueuelen 0 (Ethernet) RX packets 194122 bytes 19377179 (19.3 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 354068 bytes 582336025 (582.3 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth10feba1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::ecf5:74ff:fe18:8241 prefixlen 64 scopeid 0x20<link> ether ee:f5:74:18:82:41 txqueuelen 0 (Ethernet) RX packets 481334 bytes 63464919 (63.4 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 455170 bytes 820601446 (820.6 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth1d28ecf: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::bca2:b6ff:fec1:86f1 prefixlen 64 scopeid 0x20<link> ether be:a2:b6:c1:86:f1 txqueuelen 0 (Ethernet) RX packets 75387 bytes 11145936 (11.1 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 40041 bytes 255176942 (255.1 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth1e42990: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet6 fe80::2052:25ff:fe39:703 prefixlen 64 scopeid 0x20<link> ether 22:52:25:39:07:03 txqueuelen 0 (Ethernet) RX packets 6333109 bytes 68605366213 (68.6 GB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 7502722 bytes 1336724524 (1.3 GB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth42cfbe1: fl
Yes, I recently got it working. So LAN connectivity is fine and strangely I can remote access it via Tailscale even though the machine isn’t on a tailnet
The whole reason I bought the domain is because I was told to stop using Tailscale for this purpose. I’m so confused…
it’s full duplex
“The other end”? As in my NAS? Because I can’t check that machine due to lack of SSH
Oh sorry, nothing network related (as far as my novice ass can tell). I’m talking about my Jellyfin containers. Tons of excuses related to things that haven’t changed
“Speed: 1000Mb/s”. I was under the impression that my HDD (Seagate EXOS) would be roughly double that with some to spare.
Sad to report it is not working. Instead I’m getting a different error every time I try to play media
In a response to just_another_person below, it seems to be a Tailscale hangup
Great answer, thank you. To your point, I tried to disable the Tailscale service on my Ubuntu machine and the consequences were bad enough that I’m going to try to avoid Tailscale as much as possible. In disabling it, it also shut down open-ssh, so I had go to the machine with a keyboard and monitor (gross). Re-ran iperf3…while still a bit lower than I’d expect, I don’t think I have any room to complain here all things considered.
“-bash: syntax error near unexpected token `newline’” I’m not familiar with ethtool, but I looked up some commands related to ethtool. Unfortunately, everything I tried give me “bad command line argument(s)”
Of course, cat7a just tested all the cables too
Interesting. I’ve been using Tailscale for years, this is the first I’ve heard of it causing LAN networking problems. I thought the purpose of Tailscale was to establish a low maintenance VPN for people who won’t/can’t set up a reverse proxy, especially for beginners like myself. Later today I’ll try to clear it out and report back
Oh yeah, Tailscale. I’ll run iperf without it to compare, but I’ve never had an issue with my tailnet before
still not great. And I think ‘sudo tailscale up --accept-routes’ broke my shit. Now SSH is failing. I’m calling it a night, I’ll report back tomorrow
Know any Linux magic to try out?
192.168.0.4 and 192.168.0.44 for NAS and server, respectively. Currently just an idle Jellyfin container. I’m not sure what bridge networking is without looking it up, so I’m assuming that’s not happening here
Let the record show that irmadlad saved the day here. I learned a lot about what I needed and no longer have to concern myself with something beyond my comprehension