My home and work ones both have Zigbee and Zwave. The modern ZwaveJS integration is amazing compared the old effort. Also: ESPHome, NUT, Mossie (MQTT), nginx proxy manager, MariaDB, nodered, Piper and that, Remote Backup, Terminal and SSH, DSS VoIP Notifier, VLC.

HACS with a fair few custom cards etc.

Good on you mate. I have no idea why you are being downvoted when you are being the big man when called out.

I do understand your position - it is bloody annoying to have to remind people how the web works but in this case you are doing a “show and tell”.

When doing something like that I think you should show all and tell all. “Here’s what I did and how I did it and here’s how you can do it too”. That’s why I went in with the rather dodgy ankle reference! Think about when you see those influencers with worryingly pneumatic lips and arses that might double as seating for a friend. They show all, really all and some make a decent living at it. Now think about what sort of response you want for one of your show and tells.

I do confess that I used to do the same as you - I blasted away at someone on The Register a fair few years ago and was called out and subsequently apologised. That was a game changer for me and I suspect for you now. That doesn’t mean that you can’t get riled occasionally but make sure it counts and you are in the right or at least nearly right … OK you think you are right 8)

Cool beans!

Cheers Jon

PS I’m 53 today

Perhaps but if you are doing a show and tell, why not do the full tell?

I can remember when Google didn’t exist and Altavista was the cool kid, or when the www didn’t exist and gopher and WAIS were the tools of choice. … and I can go much further back.

My real point is: If you are going to show a bit of ankle, and it is yours, make sure that everyone realises it is your ankle. If it isn’t your ankle, then tell us whose it is. It’s not fair asking people to search for pictures of ankles and then try to guess which one you have posted about.

SO: Next door have got their lights up, why haven’t we? Me: (Enable NodeRed flows for gutter and pergola light strings that switches them on at dusk and off late evening) Right, that’s the missus pacified for a week or so. I should probably get BigTimer to sort that out itself.

Employee: I’ve got all the printers for monitored using an auto entries card. (Good skills) Me: (Installs an addon that can use VoIP to do text to speech to a phone) We warn off the customer and now they get a phone call from “things” that tells them what consumables to buy and also sends an email.

When I finally get around to sorting out my glasses so I can see what my soldering iron is up to, I’ll get many more gadgets installed. My computer room at work needs a tiny ESP8266 and four 1 wire Dallas SC temperature sensors, a bit of vero board, a resistor, power and probably a buck convertor and a case, which I’ll print.

I adore HA.

Start off with Thingiverse or similar. I recommend something like: https://www.thingiverse.com/thing:3553160 There are a lot of models there - those are .STL that you “slice” and send to your printer. There is this: https://www.thingiverse.com/thing:2187167 which is CAD models with the working left in - OpenSCAD in this case. You load it up, generate a .STL and then pass that to the slicer.

I have a large plastic cabinet in my garden for storing a lawn mower etc. The hinges died years ago. I have printed new ones. At least 20kg of plastic waste has been avoided being dumped a lot longer. I am well aware (now) that I should not have bought the bloody thing in the first place!

If you go the OpenSCAD route, you might like this: https://github.com/JustinSDK/dotSCAD - the author sadly passed away recently but his work is legendary in my opinion.

Once you get printing sorted out, then move on to your own stuff. … or not - give it a go! I have a large bag of very strangely shaped PETG experiments that went badly wrong and need recycling.

I only use Reolinks these days. RLC-410 - some dome and some bullet. Cheap and easy to setup. I’m a long term Zoneminder user which I get to watch the low res stream and record on the high res stream. My ZM is a VM on VMware with a cheap Nvidia GPU passed through for CUDA. This still works: https://wiki.zoneminder.com/GPU_passthrough_in_VMWare but I should probably bring the wiki page up to date.

I have a Reolink door bell too - I went for the PoE one. It’s a lot better than my old Doorbird but not as sturdy. The door bird could drive a chime too which was nice. The Reo can’t but it is a PoE powered unit with a UPS backing the switch. That’s pretty resilient.

They never get to see the internet. I fiddle DNS so that pool.ntp.com points at my ntp daemons but I run an IT company so that might be a bit excessive for most! I have three Pis with GPS hats and antennae.

As you say, they are well supported by HA too. If you have a Coral and Frigate then you have lots of options. Just keep them away from the internet if you are concerned about who is looking through them apart from you.

I once named a load of servers for a helicopter company in the UK with elements. The cluster nodes were copper, silicon, etc. The cluster itself was called iron. The volumes were labelled fe_function.

It worked - it was easy to read and the bits that implied “cluster” were grouped appropriately. All the other servers had random elemental names unless they were associated in some way, in which case the group would be used. The engineers (real engineers with oil or distressingly nasty lubricants in their veins) loved it - it made sense, without being too quirky. It was very legible.

When those systems were hoicked out and replaced, the usual nonsense was applied: 2 char country code + 2 char site code etc etc ad nauseam. Followed by my absolute pet hate: 01. Oh so you might need 99 domain controllers? Yes you might, but not on one site.

Let’s face it, it is mostly AD admins who don’t get hostnames. I blame MS - their docs and blogs strive to be … authoritative or at least look so. An entire generation (possibly two) of sysadmins have been sold up the river by MS and their wankery.

That IPv6 forwarding page is strange. IPv6 does not need forwarding.

Anyway, I am trying to find a manual for your router. A Google search shows that it is probably NL localized and probably Asian manufactured for NL ISPs. Are you able to get a manual from your ISP? Their website looks just like one of ours - no help at all. I have also tried searching on the model and not much comes back.

I’m off on holidays for a few days. I’ll be back on dinsdag/tuesday (08/08/2023).

That is for ping. ICMP v6 REQ: REQ means request and is a NAT type of terminology. A firewall rule allows some form of inbound traffic - here ICMP ping inbound (REQ), and then creates a state entry which allows the corresponding return traffic (RESP or response) - pong!

ping can be useful to determine connectivity and that rule will not open you up to anything nasty.

Your router seems to have been designed by someone who gives a shit about security, which is a good sign.

You don’t need to put the IPv6 address into your browser. The host command shows that you have got DNS sorted - try:

$ dig @9.9.9.9 myserver.now-dns.net AAAA

That should return an IPv6 address and the @9.9.9.9 means: use the Quad9 DNS server - 1.1.1.1 or 8.8.8.8 will also try external DNS servers - CloudFlare and Google. Hopefully that’s naming sorted out.

Now to actual access. Your router will (probably), by default, block all inbound connections. I’ve just had a look at your screenshot and it has a menu entry: “Port forwarding IPv6”. IPv6 doesn’t need port forwarding really but I suspect that is how you allow access. I am now guessing. There is such a thing as IPv6 NAT and something called NPT (Network Prefix Translation) which is not for the faint of heart!

Have a look around in that menu a screen shot might help.

It might help if you tell us where you are (very roughly - country and perhaps city), your ISP and router model. I can get you to the point of all of this working but there are rather a lot of unknowns. I can see that your router offers Dutch or English so I will guess you are from the Netherlands.

As well as a link local address you should also have one or more globally routeable ones too. Hopefully you have at least one of those set up in DNS with a AAAA address. Therefore you should be able to put the address of your web server into your browser and off it goes. In theory IPv6 should be preferred by your browser, so even if both an A record and a AAAA record resolve for the name, IPv6 should kick in.

A quick check would be:

$ host mywebserver.example.co.uk

That should return an IPv4 and an IPv6 address. The IPv6 address is the same for internal and external - there is no distinction, which can be surprising if you are used to IPv4 and NAT. The final bit of the equation is that your internet router needs to allow access “from all to globally routeable ipv6 address of the web server”.

I can see that you have bound nginx to port 80 on both IPv4 and 6 - the two Listen directives.

• Can you get to it locally via IPv6 as well as IPv4?
• Can you get to it via IPv4 externally?

Let’s get right down to basics:

• ping -6 google.com - from the web server, does it work?
• ping -6 google.com - from your PC/laptop.phone, does it work?
• https://test-ipv6.com

I’m on GMT+1/BST/UTC+1 so its a bit late now. I’ll pick up tomorrow pm

Best of luck. Let us know how you get on

There is a lot going on there so I suggest divide and conquer. Shut down Caddy and configure something like nginx or apache with a simple static index.html page with a single word in it. Does that work? Start really simple, so open port 80 as well as 443 and add ssl only once you have proven http works OK.