Edit: I did some research on the Google Fiber reddit and it seems like broken port forwarding is a common issue with the provided hardware. Most say just BYO router. Sigh.


Tl;Dr: port forwarding isn’t working after a network hardware upgrade, even after enabling it and rebooting all equipment, and without a firewall enabled.

I’ve been running a public-facing Jellyfin server on Ubuntu 22.04 for the past few months without too much trouble. Today I upgraded my networking equipment to a Google Fiber Network Box. I ended up having to set a new static IP address for my server device. I also had to switch from using the Google Home app to using the Google Fiber app or website to configure my network. Everything’s working now except for port forwarding. The network settings give me the ability to forward ports, but port checkers keep telling me the ports I’ve opened are not open.

I’ve tried rebooting the server, router, and modem (and closing and reopening the ports) multiple times to no avail. UFW is installed on the server but it’s inactive, and I don’t have any other firewalls. I don’t know what else could be blocking the ports.

I’m still sort of a newbie to self hosting, so maybe there’s something I’m overlooking. But I’ve done several web searches and couldn’t find any solutions I haven’t already tried.

I did notice though that it seems every device on the network has the same public IP address. I don’t know for certain that wasn’t the case with my old setup, but it did seem strange. Again I’m not an expert on this stuff, so maybe it’s nothing. I couldn’t find anything in network settings that would let me change that either.

  • redcalcium@lemmy.institute
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Are you sure you’re not actually behind a CGNAT? Does the IP address returned from running curl ip.me matches the public IP address in your router’s network status screen?

  • Melco@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Are you sure this ISP is not using CGNAT? If it is then you wont have access to port forwarding.

    • keenworld@midwest.socialOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Giving this a try, thanks. I notice in the comments someone said something about Cloudflare’s ToS being limited to HTML and makes it sound like serving video through the tunnel could mean getting charged. I’m hosting movies on this Jellyfin server, so I guess I should be concerned?

      • SeriousBug@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I thought that ToS was just for their CDN?

        You can also use Tailscale Funnel, it does the same thing and doesn’t have a limitation on what kind of content you put through it.

      • funkajunk@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Pretty sure that’s just a legal formality to cover their butts. I’ve personally never heard of anyone having issues with it.

        Edit: Also, that can’t be true as the tunnelling is part of the zero-trust tools, which is made for accessing any kind of data.