I am considering using Fly for a new project we’re building, an IoT platform. I really like the ease with which I can deploy apps and make an Elixir cluster.
However, I was wondering if it is possible to attach an IPv4 address to a specific server?
Essentially, I want a device to connect to a particular server over TCP. The device gets the right server’s IP address by either DNS or another method.
I think this is achievable over IPv6 using Fly as individual VMs have public IPv6. However I noticed the public IPv6 changes across deploys, but from the forums I understand that Fly Machines have the same public IPv6 across deploys. However, even my own home internet doesn’t support IPv6 yet, and just yesterday there was a post on Hacker News about how unusable IPv6-only is till today. So I would like to be able to access machines on IPv4 too for the devices and networks that do not have IPv6 capability.
I see additional IPv4s are available for $2/month, but as far as I understand from the docs, they’re attached only to the application, which the Fly-Proxy directs traffic to using Anycast.
I have read through the docs and the forums, and my understanding so far is that an Application gets an IPv4 and an IPv6, and each VM gets a public IPv6 address (on which public traffic can be sent, but I haven’t been able to make it work yet, I’ll try further).
The main goal is reduce the amount of traffic being forwarded from one VM to another because it can amplify really quickly. I thought of another solution, which is to deploy multiple applications in different regions with the same codebase. This way, at least there won’t be too much cross-region TCP traffic flowing through our VMs.
If this doesn’t work today, are you considering allowing attaching IPv4 addresses to specific VMs for extra cost?
What about some programatic way to control what Fly-Proxy does? For example, if a device connects to an IPv4 of the Application, but sends a specifically crafted TCP packet containing some identifier or the public IPv6 address, then the Fly-Proxy could forward it to the right machine, instead of the closest one? Something like one of the HTTP headers which directs traffic to specific machines, but for TCP. It doesn’t even have to be TLS, and perhaps the TLS handshake can start after that (so that the possibility of the VM handling it remains, instead of terminating on the edge)?
Thanks and sorry for the long post!