External ports without proxy

I have a few apps that want to accept TCP connections, and receive UDP packets from external sources. The separate instances of the app are supposed to have different IPs. I don’t think exposing them via [[services.ports]] achieves what I want, that will route all traffic to my app’s public IP to an app instance selected by the Fly proxy. My app also makes outbound connections, I assume those will look like they are coming from IPs that do not much the public IP. How do I achieve this? As far as I can tell, my app is achieving some connectivity, it looks like outbound connections and packets work as expected, but it’s possibly NAT-like, but inbound packets from arbitrary locations don’t seem to be arriving at the app instances.

Fly VMs can’t be addressed directly from the internet with IPV4, though you may be able to do this with the IpV6 address in FLY_PUBLIC_IP.

And you’re right - outgoing connections will not use a predictable IP address.

If the issue you’re having is with incoming UDP traffic, check out the instructions in this guide: Running Fly.io Apps On UDP and TCP

Thanks, the article clarifies how to do UDP through the proxy. However it doesn’t cover how to expose ports directly without using the proxy.

Hi @eruanno

You can open a port on the vm directly using the experimental allowed_public_ports config but this only works over IPv6.

2 Likes

Thanks @charsleysa that helped a lot.