Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Running Services from ISP Residential connection

    Scheduled Pinned Locked Moved
    Routing and Multi WAN
    2
    3
    62
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      TasMot
      last edited by

      My problem is being caused by Netflix..... They have instituted a no VPN policy.

      So, I have been playing with IPv6 for the past several years on my home network. Since my ISP has been extremely slow provisioning IPv6, I set up an IPv6 connection with HE.NET (created a GIF interface to the HE tunnel broker). It was working just fine for many years using he.net externally and Windows IPv6 DHCP to hand out internal addresses based on the /64 that was delegated from he.net. Then Netflix started to care about VPNs (and this looked like a VPN to their detector) and their service refused to work anymore (even though they kept charging me). So, I broke the IPv6.
      However; I am running several services accessible from the internet (inbound services for software I am developing). Now their IPv6 access is broken also.
      I now have an IPv6 address provisioned from my ISP. But, I still have the IPv6 address being assigned via Windows DHCPV6 from the he.net tunnel broker.
      If I terminate the he.net connection, my inbound requests will no longer be available (my ISP residential Internet connection will not allow inbound connections).
      So, what I need to do is route inbound IPv6 traffic via HE.NET to computers on my internal network (and of course route the replies to those inbound requests back out via the HE.NET connection). Other outbound requests will be routed via the ISP WAN IPv6.
      Using pfSense as the firewall/router, how do I assign IPv6 addresses (I could keep assigning addresses from my HE.NET /64 at least until they discontinue their service offering). Or, should I start assigning from the ISP pool of addresses and if so, how do I route inbound IPv6 requests from the HE.NET to the internal addresses from the ISP.
      If you are interested, I have a VPS connected to pfSense via an OpenVPN connection to handle the IPv4 inbound requests. But it only has one IPv6 address and I have not gotten it to route IPv6 across the OpenVPN connection (probably me).

      T 1 Reply Last reply Reply Quote 0
      • T
        tgl @TasMot
        last edited by

        @TasMot I'm pretty sure that your ISP would consider this setup to be a violation of their terms of service. Running a server is running a server, whether the traffic goes through a tunnel to he.net or not. Maybe you'd be best off to pony up for non-residential service from your ISP. That'd simplify your life and should come with some perks like a better SLA (ie higher repair priority).

        T 1 Reply Last reply Reply Quote 0
        • T
          TasMot @tgl
          last edited by

          @tgl I looked into that. They combine TV and Internet service and the non-residential TV service sucks. That's why I went this way. At present, it is only personal playing with software development and the extra expense was not warranted for having 2 internet services.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.