I know I had been away from this blog for quite some time now. A lot has changed in my life since the last time I wrote and I have been very lazy at this. To kick it off again, I am going to tell you about this amazing tool I discovered called - ngrok. Lets hope this journey goes smoothly in the future :)

The Need

I have recently moved to a new apartment and switched my ISP to Hyperoptic from Sky. Hyperoptic is arguably the best ISP in the UK offering very cheap plans for very fast connections. I was happy to be getting 150Mbps for 10 quid a month! But, my homeserver(more on that later ;) ) was not able to get online. I had set it up to be completely reproducible with minimal configurations but I was struggling to reach it from the internet. I was sure I had correct port forwards in my router but when I tried using nmap to find the open ports on my public IP surprisingly all of them were closed. After thorough research and by research I mean Stack-Overflowing, I found that Hyperoptic is not all rainbows and unicorns, they were doing a very bad thing! - CGNAT or Carrier Grade NAT is a NAT above your router, so your router is essentially in an internal network and is not publically accessible. The only solution they had was a static IP for an extra fiver. After a bit of research I found an amazing hack that can solve my problem.

Scenario

• You don’t control the network restrictions/firewalls
• You have this absolutely sick web app on your machine that you’d like to show-off from your local machine

The Solution

If you had a cloud machine that would relay the traffic coming to it via a secure tunnel into your remote machine that’d be great. Since this would happen in the Application Layer, it would not be blocked by the network level restrictions. Ngrok does exactly that for you with just one command. It also saves you from setting up dynamic-dns or port-forwards on your router.

Lets suppose you want to expose your machine for ssh access via the internet simply do -

./ngrok tcp 22

> Session Status  online
> Account          (Plan: Free)
> Version         2.3.34
> Region          United States (us)
> Web Interface   http://127.0.0.1:4040
> Forwarding      tcp://0.tcp.ngrok.io:16226 -> localhost:22 
> Connections     ttl     opn     rt1     rt5     p50     p90     
>                 0       0       0.00    0.00    0.00    0.00

saytosid@SiddhantsBaby /m/c/U/sayto> ssh saytosid@0.tcp.ngrok.io -p16226
> ...
> saytosid@sids-homeserver ~>

Similarly you could expose a webserver, or any other service. There are a number of other features it supports like TLS, Subdomains, Inspection dashboard, etc. The full docs are available at - ngrok docs.

./ngrok http 80
./ngrok tcp 9443

The free tier offers you the necessary and sufficient functionality for demo-ing/hosting small web-apps for personal/limited use. However there are premium plans available for additional features/traffic. I am evaluating the free pack currently will see how it goes with this one. I have also come across other similar offerings like - Serveo, Packetriot, etc. But, they all have a similar idea. I’d recommend you to have a play with a few of them and choose what works for you :).