VXLAN Tunnel for Bedrock/Geyser

VXLAN Setup for Geyser

PreviousVXLAN Tunnel for rAthena/Ragnarok NextVXLAN Tunnel for FiveM/GTA Online

Last updated 1 day ago

Was this helpful?

VXLAN Tunnel for Bedrock/Geyser

VXLAN Setup for Geyser

For customers using the Pterodactyl panel, you may need to contact us during the setup process, as Pterodactyl reserves all private IP addresses, which can prevent the creation of the tunnel. Refer to this .

1. Ensure a working Geyser Instance

Before proceeding with the VXLAN setup, make sure your Geyser instance is running. Follow the instructions in the to set up your server. In this example, we have a Bedrock server up and running on 108.61.149.182:19132 :

2. Create a VXLAN Tunnel

Once your Geyser instance is up and running, create a tunnel and input the correct IP address of your Geyser server in the Endpoint section. You can ignore the port section, as your application will continue to listen on its usual port. The VXLAN tunnel just forwards traffic to that original port via the backend IP.

3. Run the VXLAN Creation Script

ip -s link show vxlan_<id>

Example output:

root@admin:~# ip -s link show vxlan_47
418: vxlan_47: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 12:cc:cb:ab:1f:e8 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped missed  mcast
    341644143  2036858  0       0       0      0
    TX: bytes  packets  errors  dropped carrier collsns
    53378176   387353   0       0       0      0

At this point you should also be able to ping the tunnel's local IP address:

root@admin:~# ping 172.18.128.2
PING 172.18.128.2 (172.18.128.2) 56(84) bytes of data.
64 bytes from 172.18.128.2: icmp_seq=1 ttl=64 time=51.6 ms
64 bytes from 172.18.128.2: icmp_seq=2 ttl=64 time=50.9 ms
64 bytes from 172.18.128.2: icmp_seq=3 ttl=64 time=50.0 ms
64 bytes from 172.18.128.2: icmp_seq=4 ttl=64 time=50.0 ms

4. Whitelist VXLAN and Backend Ports

Ensure both the VXLAN port and your backend port are properly whitelisted. You can achieve this using either UFW or iptables. This step might not be necessary, but worth mentioning nonetheless.

Using UFW

ufw allow <port>/udp
ufw allow <port>/tcp

Then verify the status by running:

ufw status

Using iptables

iptables -A INPUT -p udp --dport <PORT> -j ACCEPT
iptables -A INPUT -p tcp --dport <PORT> -j ACCEPT
iptables -A OUTPUT -p tcp --sport <PORT> -j ACCEPT
iptables -A OUTPUT -p udp --sport <PORT> -j ACCEPT

Then verify your configuration by running:

iptables-save

5. Update the Geyser Config

Next, update the address (under the Bedrock section) in the Geyser configuration file to the public IP address of your VXLAN tunnel. For example, if your public IP is 104.234.6.128, make the necessary changes to the config. The port of the server stays the same, aka 19132.

After restarting the server, double-check that the service is running properly by running the following command:

netstat -plunt | grep 104.234.6.128

The output should look similar to this:

root@admin:~# netstat -plunt | grep 104.234.6.128
udp     0   0 104.234.6.128:19132 0.0.0.0:*                        1546258/java
udp     0   0 104.234.6.128:19132 0.0.0.0:*                        1546258/java

6. Final Step

At this point, the connection to your Bedrock server will be using the public IP address 104.234.6.128. You can now create an A record that points directly to this IP.

And that's it, happy gaming!

PreviousVXLAN Tunnel for rAthena/Ragnarok NextVXLAN Tunnel for FiveM/GTA Online

Last updated 1 day ago

Was this helpful?

1. Ensure a working Geyser Instance

2. Create a VXLAN Tunnel

3. Run the VXLAN Creation Script

After creating the tunnel, navigate to the bottom of the Overview page, then copy and run your VXLAN creation script. If you encounter any errors, refer to the . To verify that the tunnel was created successfully, run the following command:

ip -s link show vxlan_<id>

Example output:

root@admin:~# ip -s link show vxlan_47
418: vxlan_47: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 12:cc:cb:ab:1f:e8 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped missed  mcast
    341644143  2036858  0       0       0      0
    TX: bytes  packets  errors  dropped carrier collsns
    53378176   387353   0       0       0      0

At this point you should also be able to ping the tunnel's local IP address:

root@admin:~# ping 172.18.128.2
PING 172.18.128.2 (172.18.128.2) 56(84) bytes of data.
64 bytes from 172.18.128.2: icmp_seq=1 ttl=64 time=51.6 ms
64 bytes from 172.18.128.2: icmp_seq=2 ttl=64 time=50.9 ms
64 bytes from 172.18.128.2: icmp_seq=3 ttl=64 time=50.0 ms
64 bytes from 172.18.128.2: icmp_seq=4 ttl=64 time=50.0 ms

4. Whitelist VXLAN and Backend Ports

Ensure both the VXLAN port and your backend port are properly whitelisted. You can achieve this using either UFW or iptables. This step might not be necessary, but worth mentioning nonetheless.

Using UFW

ufw allow <port>/udp
ufw allow <port>/tcp

Then verify the status by running:

ufw status

Using iptables

iptables -A INPUT -p udp --dport <PORT> -j ACCEPT
iptables -A INPUT -p tcp --dport <PORT> -j ACCEPT
iptables -A OUTPUT -p tcp --sport <PORT> -j ACCEPT
iptables -A OUTPUT -p udp --sport <PORT> -j ACCEPT

Then verify your configuration by running:

iptables-save

IMPORTANT: For customers using Pterodactyl, ensure that you open the VXLAN port on the panel itself. This can be done by navigating to the Network tab and selecting Create Allocation. For more information, visit this .

5. Update the Geyser Config

After restarting the server, double-check that the service is running properly by running the following command:

netstat -plunt | grep 104.234.6.128

The output should look similar to this:

root@admin:~# netstat -plunt | grep 104.234.6.128
udp     0   0 104.234.6.128:19132 0.0.0.0:*                        1546258/java
udp     0   0 104.234.6.128:19132 0.0.0.0:*                        1546258/java

6. Final Step

At this point, the connection to your Bedrock server will be using the public IP address 104.234.6.128. You can now create an A record that points directly to this IP.

And that's it, happy gaming!