Hi, I live in Germany and only have public IPv6. My address changes only very, very rarely and has never changed in the time I’ve been self-hosting.
I also have a very small, pretty cheap VPS with static IPv4/IPv6 – which would seem like a great fit for some sort of tunneling/proxy setup. Now comes the question: What/how should I use it? I would like to not have the additional latency for IPv6 enabled hosts, can I just setup a reverse proxy for IPv4? Would Tailscale work for my usecase, what are some resources you found useful when using it?
Currently, I’m just hosting everything IPv6-only and hoping my address never changes, but that does not work for everyone, as especially many new buildings with fiber optic connections still only have IPv4 (strangely).
This. Using simple ssh tunneling with port forwarding in a similar scenario. Working flawlessly with zero maintenance for 5 years and counting. Very reliable
Not really reliable, much less than wire guard. If your connection is unstable ssh not the best option. Autossh make it better, but still after a forced disconnection ssh will take a while to drop and reconnect. Wire guard is much better. I moved from ssh+autossh to wireguard and wished I did that sooner.
Fair comment, I should qualified my answer: I use an ssh tunnel with auto-reconnect option, wrapped inside a systemd service. In all this years, I still have to run into a problem that wasn’t external (server down, no internet at home etc) I agree that wireguard is the proper solution however it requires a lot of extra configuration and support in both ends, which now is prevalent but not so much 5+ years ago. Also for a single port solution, ssh is so much simpler, practical and reliable, you only need an ssh user at the other end.
ExecStart=/usr/bin/ssh -NT -o ServerAliveInterval=60 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -R localhost:YOUR_PORT:localhost:YOUR_PORT SOME_USER@YOUR_SERVER