add colocation networking documentation

[halfcyan]

No description provided.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	stack-homepage	7f9feb3	Commit Preview URL Branch Preview URL	Jun 23 2026, 02:19 AM

[halfcyan]

also see #61

[halfcyan]

i need to redo emails i think

[TheHeroBrine422]

is this accurate for ipv6? afaik we do just expose the public ipv6 directly to your system? I am not entirely sure how cappy did ipv6 for this. we definitely don't directly expose ipv4 though.

[halfcyan]

from what i could tell there is an ipv6 transit address, but there's also the delegated prefix

[halfcyan]

@korewaChino pleeeeease check this because i have no clue

[korewaChino]

ok so:

• DHCP only assigns internal addresses beyond the routed public address
• IPv6 is directly exposed because NAT64 is a fuck, do not use NAT64
• DHCP never gives you IPv6
• the delegated prefix is routed back to the transit IPv6 as the next hop

so something like this (sorry for llm slop)

---

Quick tl;dr

Colocation networking uses routed addresses over a per-server transit network.

We do not put your public IPv4 subnet directly on your server’s switch port, and we do not use DHCP for colocated server addressing. Instead, each colo port gets a small static transit network between your server and our routers. Your public IPv4 address and IPv6 delegated prefix are routed to your server over that transit link.

When your server is racked, you’ll receive:

• your colocation ID / port ID: $ID
• your routed public IPv4 address: $PUBLIC_IP
• your IPv6 transit address: $IPV6_TRANSIT_IP
• your IPv6 delegated prefix: $IPV6_DELEGATED_PREFIX
• optionally, a suggested IPv6 service address from that delegated prefix: $PUBLIC_IPV6

Your server should be configured statically. DHCP is not supported for colocated server IP assignment.

At a high level:

Internet
  -> Fyra Stack routers
  -> your private IPv4 / IPv6 transit address
  -> your server
  -> your public IPv4 / delegated IPv6 service addresses

What the addresses mean

IPv4

Your server has two IPv4 concepts:

1. A private transit IP on the physical NIC.
2. A public routed /32 used for services and outbound source address selection.

For colocation ID $ID:

Transit network: 10.30.$ID.0/24
Your transit IP: 10.30.$ID.4/24
Gateway:         10.30.$ID.254
Public IPv4:     $PUBLIC_IP/32

The public IPv4 address is routed to your server via 10.30.$ID.4.

You should configure the public IPv4 /32 on loopback or another local interface, then make your default route prefer it as the source address.

Example:

ip addr replace 10.30.$ID.4/24 dev eno3
ip addr add $PUBLIC_IP/32 dev lo
ip route replace default via 10.30.$ID.254 dev eno3 src $PUBLIC_IP

IPv6

Your server also has two IPv6 concepts:

1. A transit IPv6 address on the physical NIC.
2. A delegated IPv6 prefix for your services, VMs, containers, or downstream networks.

For colocation ID $ID, the transit network usually looks like:

Transit network: 2602:f41f:10:11$ID::/64
Your transit IP: 2602:f41f:10:11$ID::4/64
Gateway:         2602:f41f:10:11$ID::ffff
Link-local GW:   fe80::30$ID:ffff
Delegated prefix: $IPV6_DELEGATED_PREFIX

Use the transit IPv6 address only to reach our routers. Use addresses from your delegated prefix for actual services.

Example:

ip -6 addr replace 2602:f41f:10:11$ID::4/64 dev eno3
ip -6 route replace default via fe80::30$ID:ffff dev eno3
ip -6 addr add $PUBLIC_IPV6/128 dev lo

$PUBLIC_IPV6 should be an address inside your delegated prefix, not the transit /64.

For example, if your delegated prefix is:

2602:f41f:10:3200::/56

then you could use:

2602:f41f:10:3200::1

or assign /64s from that /56 to VMs, containers, bridges, or downstream routers.

Important rules

• Do not use DHCP. Colo addressing is static.
• Do not use the transit network as your service network.
• IPv4 services should use your routed public /32.
• IPv6 services should use addresses from your delegated /56.
• The .4 / ::4 transit addresses are the stable next hops we route your public resources to.
• If you run VMs, containers, or a downstream router, route or assign space from your delegated IPv6 prefix, not from the transit /64.

Example with real-looking values

For colocation ID 35:

IPv4 transit IP:       10.30.35.4/24
IPv4 gateway:          10.30.35.254
Public IPv4:           23.155.252.227/32

IPv6 transit IP:       2602:f41f:10:1135::4/64
IPv6 gateway:          fe80::3035:ffff
Delegated IPv6 prefix: 2602:f41f:10:3200::/56
Example service IPv6:  2602:f41f:10:3200::1/128

Linux example:

ip addr replace 10.30.35.4/24 dev eno3
ip addr add 23.155.252.227/32 dev lo
ip route replace default via 10.30.35.254 dev eno3 src 23.155.252.227

ip -6 addr replace 2602:f41f:10:1135::4/64 dev eno3
ip -6 addr add 2602:f41f:10:3200::1/128 dev lo
ip -6 route replace default via fe80::3035:ffff dev eno3

Then outbound IPv4 should show your public IPv4:

curl -4 https://icanhazip.com

And outbound IPv6 should show an address from your delegated IPv6 prefix:

curl -6 https://icanhazip.com

[TheHeroBrine422]

We hopefully should include this in the email we send when we notify you that your server is racked. might be better to say "email us to request it if you can't find it?"