Do you have that VM siloed off from the rest of your network

I have an apc battery hooked up to it

What do you have in terms of available hardware?

Search amazon for m2 drive cloner.

They have devices that will clone one disk to another. I did this for my kids computer to increase the drive size without having to reload all of his apps.

I use a vps running openvps. Then i only allow ssh access from my vpn ip address.

Im a pihole user. I never felt the need to move to another platform but im listening to yall discuss this.

This doesn’t surprise me at all.

When you connect to the other mesh networks, are you getting an IP address in a different subnet?

What OS are you using for lemmy?

Im using 10gb network cards in my homelab. My vm server has an extra 1gb port for an outside interface on multiple pfsesne vms that i use to route traffic over vpn tunnels.

Then on my nas i have 10gb to a switch with the vm servers. It has another 1gb interface that i run directly to another nas. It uses that direct link to backup data nightly.

What did you intend to do with the vps?

I have used a bunch of companies and theyre all good enough. Here are ones that stood out to me.

vultr.com because they offer a lot of capabilities in their admin console. Like uploading a custom iso for an os they dont already have listed.

Fdcservers, unmetered service but the connection isnt gig.

Ovh has very competitive pricing and cloud like capabilites.

He mentioned he was looking at cloudflare logs. So its making an out bound tunnel and when the ec2 firewall is on it doesnt make a connection. If its an outbound tcp connection he should still be able to do a packet capture and see if the handshake is being performed.

Lets say you have a bunch of self hosted servers. How are you tracking their ips on ipv6? Are you able to type the ip off the top of your head? I feel like its very simple with ipv4.

If nothing shows in the logs, run a packet capture on the ec2 instance and test cloudflare again.

I avoid ipv6 as much as possible.

When it doesnt work, check the log files for the firewall block message.

If you place this on the inside of your network and it triggers, youre either compromised or a scanner/ person triggered it.

You can also use something called canary tokens. You would put a file on a share that triggers an action to alert you.