Alternative to Port Forwarding: No Control Over Network

Hello! I was wondering if you have any tips for an alternative to port forwarding altogether. I live in a dorm that has shared WiFi and I doubt the company managing the network infrastructure would be willing to open ports in the context of being responsible for hundreds of students. I briefly read about the possibility of using VPN as an alternative to port forwarding, but since I have to pay for that I might as well pay for hosting itself, so I’m curious to know if there are any free alternatives to opening my Pi to the web in my situation.

Haha, yeah, I’m probably going to be in the same boat myself when I decide I don’t like money and instead go back to grad school. Your question is one that has been living rent-free in the back of my mind for a while now.

No matter what, you’re going to need an IP address that’s publicly available to handle requests which, by definition, means opening ports on a router so your server can listen for them. Since we don’t control the router, that means it’s going to cost us some money.

The only question is how much money.

If you just want to host a website then, like you said, you may as well just buy hosting. But if you want to expand past that (and it’s perfectly fine if you don’t), then you can that same shared server to handle your public requests and tunnel all of the traffic back to your dorm. In that case, basically your rented server becomes a shell that just handles and forwards along traffic requests; it doesn’t do much processing, which means the server can be cheap, like $5/mo cheap.

So you can still self-host, you just have to tack on an extra $5/mo server to be your public connection.

Now how do you actually do the tunneling I was talking about? Well, there’s lots of options here. I’ll list out a few so you can research them:

  • Reverse SSH Tunnel: Basically your server in your homelab (at your dorm) initiates a connection to your public server and establishes a tunnel connection so that traffic can be forwarded between them.
  • WireGuard
  • Traditional VPN
  • Tailscale (which is based on WireGuard)
  • ZeroTier
  • Friend/family that’s willing to let you set up a server (or even just a Raspberry Pi with WireGuard) at their home
  • Don’t forget about IPv6 if it’s available

Even people that have control over their own router can run into this problem if they’re stuck behind a CGNAT (carrier grade NAT).

Recommendation: I think your best bet is going to be buying a cheap $25/year VPS and setting up WireGuard on it between it and your “dormlab”.

Let me know what you end up going with!

-TorqueWrench

By the way, what are you studying?