*not* just another blog ;)

If you have a NAT VPS you will notice that they do not come with their own IP address, instead they come with a shared IP and a range of forwarded ports. The port range you get is usually never the same as what you want them to be.

For example, let's say you want to run a web server on your NAT VPS, you will find that your port range might be 12300-12320 but we need port 80 and 443 for web servers.

The solution is using the IPv6 address that comes with your NAT VPS, along with Cloudflare's IPv6 to IPv4 gateway.

Today I will set up a web server on a free domain from Freenom, using a $3/year NAT VPS from Wishosting and using Cloudflare to make it all work.

What we need

  • A domain - this can be your own domain, of if you don't have one, you can use a free one from Freenom.
  • A NAT VPS - If you don't have one, there are some on this list.
  • A free Cloudflare account

Getting Started

Once you have your domain and your Cloudflare account connected (you've set the name servers for your domain to those that Cloudflare gave you) we can move on.

We need to find the IPv6 address of your NAT VPS, and to do this we issue the command:

ip -6 a

This will return something similar to this:

    inet6 2001:41d0:2:c1d2:200:c0a8:6628:0/112 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::c0ff:fea8:6628/64 scope link 
       valid_lft forever preferred_lft forever

IPv6 is a complicated thing in my opinion, but what we're looking for is this:


That is the IPv6 address for this VPS - yours will be different, but you get the idea.

The fe80:: address is the equivalent of or the loopback/localhost.

Setting up Cloudflare

So, in the first steps I glazed over the whole adding nameservers part. I will assume you can do this, if not, please let me know in the comments and I'll add those details in. It varies depending on which registrar you use for your domain.

On Cloudflare, what we need to do is add an AAAA record with your IPv6 address.

Here's an example: If I wanted to have dah85.cf point to the web server running on port 80/443 on my NAT VPS, I would add the following records:

  • AAAA - dah85.cf - 2001:41d0:2:c1d2:200:c0a8:6628:0
  • AAAA - www.dah85.cf - 2001:41d0:2:c1d2:200:c0a8:6628:0

Tip: Make sure the Cloud icon is orange or it won't work

This means that when someone visits dah85.cf or www.dah85.cf in their browser, it will automatically connect to the IPv6 address even if the visitor doesn't support IPv6. Cool eh?


There are a couple of points to note about this. Firstly, this will ONLY work for Websites - it does not forward SSH or FTP or anything else. Secondly, if you've changed the port that Apache or Nginx listens to from anything other than 80 or 443, this will not work.

If I have missed anything or you need clarification, please let me know in the comments below and I will add the details in this post.

I have recently aquired a NAT VPS, which I will talk more about in a future post, but for now, I need to change the port that apache listens on from the default port 80.

Here's how I did it.

nano /etc/apache2/ports.conf

And change the "Listen" value from 80 to, in my case, 50781

Save the file, and we'll move on to the next part.

nano /etc/apache2/sites-enabled/000-default.conf

And then change the first line, which will be to (Change the port to what you'll be using)

After that's done, we need to restart Apache

systemctl restart apache2

And you should be able to access the website on your new port!