2023-07-28T14:46:00

Minecraft server without forwarding a port

The most common way that people run public Minecraft servers is by buying a cheap VPS or a managed service. It's convenient enough but costs some money every month. If you've got a somewhat decent PC, it might be a better idea to run your server at home.

But there are some possible limitations to consider. If you're like me and don't have a static IP address given by your ISP, it would be difficult for others to connect to such a server. This would require something along the lines of updating a DNS record constantly. Seems like a lot of work.

Say you have a static IP and get the port forwarding done. Now your home PC is wide open to the public internet. It becomes vulnerable to hackers, bots and whatnots. Unless you've got a beefy firewall, this is not a good idea.

Ultimately I chose not to port forward and use a tunnel instead. I installed cloudflared on my machine and set up the tunnel. This did not work as I later learned that Cloudflare tunnels only work for http/https traffic, unless the clients also run cloudflared and connect to the tunnel. This is not feasible as I can't expect every player who joins the server to install and run the cloudflared service. There also is a dedicated service from Cloudlfare for Minecraft servers (TCP traffic). This also costs money so not an option.

It turns out ngrok allows TCP tunnels in their free tier so I tried this next. It worked perfectly fine. All that's left is to add a DNS record so that players would not have to enter a long url (and a port number).

This actually required two DNS records. A CNAME record which directed my domain to the ngrok tunnel's domain and an SRV record which directed to the ngrok tunnel's port.

{my host}.com. 1 IN CNAME {tunnel host}
_minecraft._tcp.{my host}.com. 1 IN SRV 0 0 {tunnel port} {my host}.com.

2024-01-08T08:06:00 update:

It's actually a lot simpler to use playit.gg as a tunnel so do that instead.

 
Go back