Why don’t IPv6-only providers offer an IPv4 reverse proxy (e.g., via Nginx) for HTTP/HTTPS?
I’ve noticed that some providers now offer IPv6-only VPS plans, which is a good step forward. What I find curious, though, is that most of them only provide IPv4 port forwarding rather than an HTTP/HTTPS reverse proxy.
Port forwarding certainly works in some cases, but it can feel limited when the goal is to host websites. With just forwarding, managing multiple domains or virtual hosts gets awkward. By contrast, an IPv4 reverse proxy (for example, using Nginx or HAProxy at the provider’s edge) could accept connections on IPv4 and pass them over IPv6 to the VPS. That would make it much simpler for end users to run websites on IPv6-only servers without extra layers of infrastructure on their own.
So I’m curious:
1. Since IPv4 port forwarding is already offered, why isn’t reverse proxying for HTTP/HTTPS more common?
2. Are there technical challenges or scaling issues that make it impractical?
3. Or is it simply that demand hasn’t been strong enough for providers to implement it?
I’d be interested to hear if anyone knows the reasoning behind this, or if providers themselves have considered it, I’d really like to hear from you on this. Because from my point of view, for website hosting, IPv4 reverse proxying would make IPv6-only offerings far more appealing to everyone, since IPv6 is still not offered by many ISPs.
Never make the same mistake twice. There are so many new ones to make.
It’s OK if you disagree with me. I can’t force you to be right.
Comments
Meh just use cloudflare
/s
The all seeing eye sees everything...
That... is actually a very good recommendation. It’s something I’ve suggested to others in the past, but embarrassingly managed to forget about myself until I saw your post.
Cloudflare really does solve the problem neatly: you can take an IPv6-only VPS and instantly make it accessible over both IPv4 and IPv6 for HTTP/HTTPS, while also gaining the benefits of a global CDN, caching, and a decent layer of DDoS protection. It’s hard to argue with the convenience of that setup.
That said, it does shift the dependency onto a third-party service rather than keeping things fully within the provider’s own infrastructure. For many people that’s perfectly fine, maybe even preferable, but I still think it would be interesting if more providers explored the idea of offering their own lightweight IPv4 reverse proxy solution alongside port forwarding. It feels like it could strike a nice balance: IPv6-first hosting that’s still practical for websites without needing to lean on external services and the potential cost that may come from that.
Never make the same mistake twice. There are so many new ones to make.
It’s OK if you disagree with me. I can’t force you to be right.
IPv6-only plans are offered to keep prices down. If a provider offers a proxy service, they will have to spend a lot of time handling abuse complaints, and time is money.
I assume it's mostly because the big panels (e.g., Virtualizor, VirtFusion, etc) haven't implemented that feature, so it'd be hard for a provider to offer it. (Correct me if I'm wrong, I've only used VirtFusion very briefly in the past)
It'd be cool to add but it'd be pretty complicated to implement for a feature that realistically a lot of users wouldn't use due to Cloudflare being able to proxy for free.
We are working on something similar for our new panel (implementing load balancers) and it's somewhat complex to have to deal with setting up SSL certificates, services, etc along with monitoring things like connections.
I am a representative of Advin Servers
Reverse proxy = forward "incoming" request from the main server to the IPv6 VM.
So the abuse is the same as if the user uses the VPS with IPv6 only.
Nginx Proxy Manager is readily available, and it has a API for creating reverse proxies. Granted, like you mentioned, this is a bit of extra work for the provider since most control panel does not support it. But on the other hand, this would make their IPv6 more competitive.
Never make the same mistake twice. There are so many new ones to make.
It’s OK if you disagree with me. I can’t force you to be right.
it’s not technical - it’s liability and ops overhead
most vps providers wanna stay infrastructure-only
why build a complex proxy layer for 3% of customers? providers won’t touch this until ipv6 is unavoidable
The problem with forwarding through a reverse proxy - and we did check it as an idea - is that, in order to successfully reverse proxy, you either need to have it supported at the main panels, or need to have a domain (at least a subdomain) associated with each IP you're reverse proxying to through, for example, Nginx or something. Implementing it manually by request (creating or changing a domain) does not cut it, the sheer ticket volume it would create is not sustainable.
To make it reasonably feasible and possible to automate at a server level, you'd need to preallocate the subdomains (on your own purchased domain) to each IP at your registrar, prior to any server launch, which in turn is most optimized to do that way if the registrar has an API you can use to mass update this.
Several registrars have technical limits on the number of records you can allocate to them for a single domain or account. Several registrars do not even offer an API.
Since that is not supported at the main panels, that leaves a provider with 2 options:
a) implement it manually, losing lots of time, patience and generating additional tickets for something not directly controlled on the panel, implying loss of money;
b) not implement it at all and save all the hassle, and the customer, if it is wanted, can proxy the access through Cloudflare or something.
Naturally providers go through option 2.
Not really, people looking to host a website with cp, malware or whatever will probably want to have connectivity over IP4, not only IPv6.
I do it's called a load balancer
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?