[Guide] How to host webservers on Jio Fiber, accessible to IPv4 clients

As you might know, Jio does not offer static IPv4, and it is not easy to apply for port forwarding (for Camera etc. purposes). However, they do provide IPv6 and this can be used for hosting web servers.

To allow IPv6 incoming connections to your device (e.g. a PC running nginx), you need to disable all firewall rules in Jio Router. (At least initially for ease of setup / troubleshooting - once you get it working you can slowly tighten it up).

Your device on which you want to host must be connected to your Jio router directly (Wifi or LAN) and must have IPv6 assigned from the Jio router's DHCP.
On your device running webserver (nginx, plex, whatever), make sure it is bound to localhost or the IPv6 equivalent (NOT 127.0.0.1 - this wont allow IPv6 connectivity). Usually apps bind to all network interfaces so you should be fine.

From command prompt (or equivalent), Type ipconfig all (if you're on linux you probably know the commands - but it should be ifconfig), and view your IPv6 address. This is indeed your "Public IPv6". Let us assume it is 2001:0db8:85a3:0000:0000:8a2e:0370:7334

If your server is running on port 80, for example, you can now, from another client, access it by specifying a URL [2001:0db8:85a3:0000:0000:8a2e:0370:7334]:80. But this is limited to IPv6 clients only.

For IPv4, you need a domain name. Freenom offers free '.tk', but I'd recommend spend $1 and get a .xyz or something from namecheap. With a domain name, you can setup a cloudflare website, and have the DNS AAAA record point to your IPv6 (no A record).

E.g. AAAA record for 'randomdomain.xyz' -> 2001:0db8:85a3:0000:0000:8a2e:0370:7334

Set cloudflare proxy for the domain to "On". Now cloudflare will act as an automatic gateway, and IPv4 only clients can go to randomdomain.xyz, and access cloudflare over IPv4, which itself will connect to you over IPv6.

Using this method I was able to run a webserver, and had a friend in U.S. download from me at ~90Mbps (My Jio Speed is 100Mbps). This was probably helped by routing over Cloudflares network.

One caveat is - you cannot run services like FTP, SSH etc over Cloudflare, only web servers (on port 80 and 443 only, too). But for hosting Plex or something it works great.

Have fun!

 

[PrayagPrajapati]

Please do a test on the server to get the correct address using this link

It works know! But only for port 80 😅. Is there a fix for that?

 

[keithcardozo]

Do you mean ipv6 is now working on port 80?
If it works on port 80 , it should for any port.
What type of server is used to listen on port 80.
You will need to explain what have you tried

 

[keithcardozo]

Udp ports for ? If using ipv6 there is no need for port forwarding. Just the firewall needs to be set to any for inbound connections.

 

[PrayagPrajapati]

I meant that would port forwarding a UDP port allow me to access my server? And also using ports other then 80 won't work for ipv6

 

[keithcardozo]

I don’t have any problems with any port on ipv6. I can connect on different ports other than 80.
if you are able to connect on port 80 , it should allow you to on other ports.
Please share the following
1. What is the webserver (or service) used to listen on port 80 or any other port.
2. From inside your Jio Fibre either on Wi-Fi or lan are you able to connect on different ports.
3. Share again a print screen of your firewall rule of the jio router.
4. Have you made sure if using windows OS there is no firewall that’s enabled at least for testing.

 

[keithcardozo]

also your initial testing should from a client running ipv6 and not via cloud fire, as that has its own limitations on ports other than 80 ,443

 

---

[PrayagPrajapati]

also your initial testing should from a client running ipv6 and not via cloud fire, as that has its own limitations on ports other than 80 ,443

I am going to reverse proxy to a cname domain, I get an error saying that DNS challenge has failed when i try to create an SSL cert for the proxy host, i.e it means that my address is not reachable

 

[keithcardozo]

To reach your ipv6 address that is listening on a different port other than 80 and 443 , the above method will not work.
Your client device should be having a reachable ipv6 address and the ipv6test should all be green on this device.

Any other method of connecting to an ipv6 address will work only on port 80 and 443.

is there a reason you are going through a reverse proxy to a cname domain?

 

[PrayagPrajapati]

is there a reason you are going through a reverse proxy to a cname domain?

I am proxying because I want to host my Minecraft server and jellyfin server and also I can connect to my open media vault page outside my house using ipv6 and domain which is pointing to it.

 

[keithcardozo]

Ok unfortunately in that case ipv6 will not be a solution for you as proxy on ports other than 80, 443 may not work.
If you just plan to host 2 servers on different ports your best option is to use ipv4 and do port forwarding. My earlier first post i have given detailed instructions on how this can be achieved.

 

[PrayagPrajapati]

How can I port forward for Ipv4?

 

[keithcardozo]

These are the steps to IPv4 port forwarding using Jio Fibre

1. JioFibre does give you a valid static routable public IP in the 49.44.xxx.xxx range only when you ask them for it.
2. Only 3 external ports are mapped to 3 internal ports (they will not map more than 3 ports)
3. You can choose any 3 internal ports in the range from 80-8000 to be mapped. Eg the external public ports can be 16601, 16602 , 16603 and internal ports can be 80 , 3389 ,443
4. It will look like this http://49.44.61.xxx:16601
5. The above port 16601 is mapped by them in their backend to your internal port say 80. If you have a webserver listening on an internal IP address like 192.168.29.5 on port 80 , all you need to do is type the url mentioned in point 4.
6. The final mapping of the ports from external to internal takes place on the jio fibre router in the security menu – Custom services – ports defined there should be the external ports. Then in the next tab on port forwarding select the new customservice from the dropdown and add the internal IP say 192.168.29.5 and port 80. Add on similar grounds the 2 remaining ports that have been mapped.

Now the most important part is how do you connect with them and ask them to give you a routable static IP and do the mappings.

1. Write a mail to customer care jiofibercare@jio.com
2. State your requirement of a public Static IP which is routable – Mention you need this for IPCameras / NVR and you need to connect to your cameras from outside
3. Do not mention you want to host a webserver etc as then they may not accept the request.
4. They will respond back in a day or two on details of your camera , internal IP address and Mac address and availability of the IT person. In my case I told them I am the IT guy and have the knowledge and details of the camera and the ports that are used by it.
5. They will then send a guy to your home. This person is non-technical who only knows how to connect cables. He will call up his Network team in JIO. I told him I would like to speak with them and explain my situation.
6. I did a lot of probing on the technical details of what they will need to do and hence understood the entire flow from them.
7. I had my IPcam connected via wifi and gave them the IP address and Mac address along with the ports that I had configured on it. Remember only 3 ports are allowed to be mapped.
8. You can have you PC mac address show up in the router interface and tell them that on this IP address, mac address and port the port forwarding rules are to be made
9. They will then give you a valid routable public IP address and 3 external ports and ask you to choose any 3 internal ports in the range 80-8000
10. The Existing WAN IP on the router which is a CG Nat remains the same, just another static IP is told verbally to you. This static IP Is not configured on the jio router. Its just mapped to your external WAN IP address seen by other websites and mapping of 3 external ports to 3 internal ports.
11. Once done you can then connect as an example on http://49.44.61.xxx:16601 . ping and telnet on this IP and port also work and so does my camera , my webserver , my plex server.

 

[PrayagPrajapati]

You can choose any 3 internal ports in the range from 80-8000 to be mapped. Eg the external public ports can be 16601, 16602 , 16603 and internal ports can be 80 , 3389 ,443

Can I choose port 8096 and 25565?

 

[keithcardozo]

No, only equal or below 8000

 

[kelaBoy]

I have a few queries here
1. Is there any way to access the Jio Giga ONT WebUI over the Internet? I have gone through this whole thread and the other thread, and understand that we get only public IPv6 IPs not the public IPV4. I can't seem to find any setting to turn that feature on, like in the good old days of ADSL routers/modems.

2. And why do I see my Windows 7 machine getting a temp IPv6 assigned as well, besides the regular IPv6 address.
And strangely, the temp IPv6 address that my Windows 7 machine shows seem to be the same as the public IPv6 of my connection . Read up on temp IPv6s and went a little over my head. Would need to read again.