Setup a website on a NAT VPS from I-83 / LowEndSpirit

What is a NAT VPS?

A NAT VPS is a VPS that will only cost you a couple of dollars a year. how are they this cheap? They share your primary IPv4 with many other users (similar to how most home networks are setup) and because of the current high cost of an IPv4 address you are only paying for the resources that you need.

With a NAT VPS you can only use the ports that are assigned to your VPS, this means that you don’t have access to standard ports such as 21,22 and 80 making it difficult to run websites on these servers although it is possible. A NAT VPS is also good for setting things such as TeamSpeak 3 as it doesn’t require a lot of resources to use.

So how do we run a website such as a WordPress installation or plain HTML? 

All of the LowEndSpirit providers and I-83 offer IPv6 for free with your NAT VPS, we can use this with Cloudflare to turn that $3/yr into a great way to run your website at a very low cost.

Cloudflare offers a free service to allow IPv6 addresses to be converted into IPv4, using this we can run a web server such as Apache on the VPS’ IPv6 address and allow Cloudflare to then give it a IPv4 address for regular users to connect with.



So lets get into the tutorial!

  • You’ll need a few things before getting started, first would be getting a NAT VPS! You can do this by either going to LowEndSpirit or I-83.net and purchasing one of their servers, personally I recommend I-83 as I have used them in the past and currently (this tutorial will be on one of their servers) although LowEndSpirit is also a very good choice.
  • I’ll be using Debian 7 for this tutorial, this is because it is very lightweight and stable which is great for a very small machine.
  • I’ll be using Apache as a web server, you can use NGINX but you’ll need to install and set it up yourself.
  • I won’t be install MySQL, this is because these servers are very small and it would more than likely overload the server. You can install a MySQL on your server by yourself as it should be very easy as you won’t need to mess with the IP’s that the server is bound to (as you connect via localhost).

1. Connecting via SSH

Let’s start by getting a working SSH connection to the VPS. As I said at the start of this tutorial your VPS will not have access to standard ports such as 22 which is the default port for SSH. To get around this each NAT VPS has a special port forwarded to the internal IP address of the VPS, this is normally the last 3 digits of your internal IP address with 22 on the end, for example, if your internal IP address was 192.168.0.456 then the SSH port for the public IP would be 45622. You can find your internal IP address by reading the welcome email from the host that you chose, so for the server we purchased from I-83 we have:

Server Details
Hostname: vpsguide
Main IP: 192.168.43.35
Shared IP: (see above)
Root Password: redacted
IP Addresses Assigned:
2a06:****:0000:****:0000:0000:0000:0001 

I have blanked part of my IP’s to protect the server from DDOS etc. 

As my “Main” IP ends in .35 the port to login with my SSH client will be 3522. Now we will need to find the external IP which will be the public facing address for your server, on I-83 you can do this by viewing their post in the knowledge base. Since my internal ip address is 192.168.43.35 I can work out that my external IP address is 185.164.138.19.

So to connect via SSH I will need to put 185.164.138.19 with the port set as 3522 (185.164.138.19:3522).


2. Getting the server ready

Now that we’re connected via SSH we need to get the server ready to install our web server and also make sure that everything is up-to date. To do this you will need to run:

apt-get update && apt-get upgrade -y

This may take a couple minutes, the point of this command is to update the package lists on the server then update anything that isn’t running the latest software.


3. Installing Apache and PHP

Now we will install the web server it’s self, we will be using Apache2 for this. You need to run the following in your root terminal.

apt-get install apache2
apt-get install php5 php-pear
service apache2 restart

If you also want to install MySQL (not recommended due to the limited resources on your server) you can also run

apt-get install mysql-server
mysql_secure_installation

You’ll need to enter a secure root password for your database server, and finally you will also need to run (if you’re installing MySQL)

apt-get install php5-mysql
service apache2 restart

And there we go, a working LAMP stack! The next few steps are very important so pay attention!


4. Making the website accessible

Now that we have a working web server installed we need to make sure that visitors can see the web pages that it hosts, because of the IP being shared we don’t have access to port 80 or 443 which are the standard HTTP and HTTPS ports, to get around this we will be making use of the servers IPv6 address and also Cloudflare. This is because Cloudflare offers a free proxying service which allows you to convert that IPv6 address into a IPv4 that visitors will be able to see your website with.

To get started we will need to find our IPv6 address, we’ll do this by going to the email that we received when we signed up for our service, there should be a section with something like “Other IP Addresses” and then a long number with letters mixed in, that is your IPv6 address.

My email said the following

IP Addresses Assigned:
2a06:****:0000:****:0000:0000:0000:0001 

Again, blanked some of the characters to protect my server.

Now that we have our IPv6 address we’ll need to create a Cloudflare account, we can do this by going to this page on the Cloudflare website and creating an account.

After you have created your account you’ll need to add your domain, you can do this by selecting the “add website” button at the top right of the page when you have signed in.

add website

Cloudflare will then run you through a quick tutorial on how to change your nameservers for your domain, the nameservers are responsible for telling peoples computers where to go when they enter a domain into their web browser, for Cloudflare to be able to work correctly it will need full control of these nameservers. Many registrars make it easy to change your nameservers, simply login into your domain registrars control panel and enter the nameservers that Cloudflare has given to your or ask your registrars support to do it for you.

After you have changed the setting it may take a few hours to fully take effect.


5. Adding the domain record

Now that Cloudflare is setup with your domain you will need to add the record that tells Cloudflare what IPv6 address to proxy to IPv4. We do this by adding a “AAAA” record in the Cloudflare control panel. Set the “name” section to just a “@” so that it applies to the root domain (yourdomain.com for example) then create another record as a “CNAME” record with the name “www” and the target as your domain “yourdomain.com”. This will forward the www version of your domain (www.yourdomain.com) to the non “www” version. Make sure that you have selected the cloud so that it is glowing orange otherwise Cloudflare won’t proxy your traffic meaning that it won’t work!

cloudflare


6. Binding Apache to the IPv6 address

You may need to bind Apache to the IPv6 port on the server for it to work correctly, you can do this by running:

nano /etc/apache2/apache.conf

Then you need to edit the listen section and change it to your IPv6 address, remember that your IPv6 address needs to be in brackets and the port 80 at the end like this!

Listen [2001:db8::a00:20ff:fea7:ccea]:80

There we go!

After an hour or so when the DNS has finished propagating your website should now be online using your new NAT VPS, visitors who connect to your website will be able to see your website thanks to Cloudflare proxying their IPv4 to your IPv6, you will also enjoy Cloudflares free CDN and caching for great price of nothing!

If you have any questions or an issue remember to leave a comment and we’ll see if we can help, you can also contact me at [email protected] and I’ll see if I can help 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *