34
Changed ISP and server now unreachable (sh.itjust.works)
submitted 11 months ago by beppi@sh.itjust.works to c/selfhosted@lemmy.world
21 comments fedilink hide all child comments

Hey guys, Changed ISP to Aussie Broadband yesterday, and suddenly can't seem to connect to my server using my domain (still can connect in the local network). Aussie Broadband uses CGNAT, and I opted out of that, but I still can't seem to use the server.. am I missing some router settings I might need to change? Any other ideas?

Server firewall is off, ports 443 and 80 are forwarded to the servers nginx proxy manager etc. Using ddns that ASUS provides with their routers and Cloudflare domain

Thanks for any help!

top 21 comments
sorted by: hot top controversial new old
[-] Vector@lemmy.world 35 points 11 months ago

I have AussieBB and had to give them a call at one point to allow inbound traffic so I could expose my self-hosted server. They flicked a switch for my account and then everything came good.

If you give them a ring and explain what you’re trying to do it should get sorted out very quickly. Their customer service staff are very knowledgeable and friendly - they’re the best RSP I’ve ever had.

[-] beppi@sh.itjust.works 24 points 11 months ago

This was the answer, called up and got them to unblock ports 80 and 443 (they actually unblocked them all). Thanks alot!

[-] Drusenija@lemmy.drusenija.com 12 points 11 months ago

99% this is probably what's happened. Aussie by default blocks incoming traffic on the usual ports (25, 80, 443, etc.) but will happily remove the block if you give their support team a call and explain why you want the block removed.

There's also an option to remove it in their app these days as well I believe. Go to Service Tests -> Port Blocking and you can disable it from there.

[-] alex@agora.nop.chat 3 points 11 months ago

Yep, the app is by far the easiest way to deal with it, and it's got a great amount of troubleshooting options too.

[-] Vector@lemmy.world 1 points 11 months ago

Ah that’s great. It wasn’t an option when I had to get it sorted but that was a few years ago. The self-service options in the app are excellent for basic config and troubleshooting.

[-] railsdev@programming.dev 0 points 11 months ago

CGNAT, A records, usual ports blocked by default

Aussie Internet sounds like a real shitshow

[-] VelociCatTurd@lemmy.world 23 points 11 months ago

Does the A record for your domain match what your IP is right now?

[-] Salix@sh.itjust.works 18 points 11 months ago

Did you update your public IP address for your domain after changing ISPs?

[-] Decronym@lemmy.decronym.xyz 10 points 11 months ago* (last edited 11 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
CGNAT Carrier-Grade NAT
DNS Domain Name Service/System
IP Internet Protocol
NAT Network Address Translation

3 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.

[Thread #121 for this sub, first seen 9th Sep 2023, 08:45] [FAQ] [Full list] [Contact] [Source code]

[-] jadedwench@lemmy.world 1 points 11 months ago

Good bot

[-] cory_lowry@lemmy.world 9 points 11 months ago

Sounds to me like your IP changed and your A record isn't pointing to the proper IP anymore.

[-] flubba86@lemmy.world 8 points 11 months ago

The new ISP would have given you a new IP address. Do you use a dynDNS to automatically update the record? Or do you need to manually update your domain's DNS service to point to the new IP address?

[-] andrew@lemmy.stuart.fun 4 points 11 months ago* (last edited 11 months ago)

Does your new ISP allow 80 and 443? I was under the impression that's pretty rare for ISPs though I'm not sure that's true in Australia. Mine only allows 443 but not 80 "to prevent Internet worms from spreading and to protect bandwidth." 🙄

[-] Shdwdrgn@mander.xyz 5 points 11 months ago

At one point my old provider went under and sold their customer base to another provider, and things stopped working for me. I had to convince them I had a reason to open up port 25. I was like dude, I've been running mail servers longer than you've even been in business.

They opened up all ports to me.

This story may have been slightly sensationalized for entertainment value

[-] elbarto777@lemmy.world 1 points 11 months ago

I was entertained.

[-] shnizmuffin@lemmy.inbutts.lol 4 points 11 months ago

Too be fair to your ISP, the only thing you should be using 80 for is redirecting to 443.

[-] andrew@lemmy.stuart.fun 1 points 11 months ago

Right, but if I can't redirect (ISP just drops packets afaict) and you don't explicitly type https:// or use an https link, and I don't have something like HSTS preload configured for that domain, your browser will just hang if it's on my system. You can't just type "lemmy.stuart.fun" and have it work unless you happen to hit my hairpin, i.e. be on my network.

Mostly I try to keep things I want publicly available on .dev and it just works thanks to the full .dev HSTS preload. But it's still annoying.

[-] pHr34kY@lemmy.world 2 points 11 months ago

I'm on ABB and everything was fine after I called up and got CGNAT disabled and the ports unblocked.

You can unblock ports in the MyAussie phone app these days.

And you most definitely got a new IP address. Make sure you've updated your DNS. My IP hasn't changed in over a year. It only ever changed when they upgraded their equipment.

[-] Lightning66@lemmy.world -1 points 11 months ago

Did you check whether the new IP assigned are any different. Once it happened that my old ISP had ip range 192.168.0.x. but the new ISP had ip range of 192.168.1.x

This made my machine not accessible.

[-] shnizmuffin@lemmy.inbutts.lol 11 points 11 months ago

Those are internal ranges.

[-] lando55@lemmy.world 2 points 11 months ago

Should have paid for upgrade to a 10/8

this post was submitted on 09 Sep 2023
34 points (94.7% liked)

Selfhosted

38633 readers
244 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz