[bombcar]

It looks like it's proxied if you come over IPv4 - which the vast majority of "customers" likely do.

[sjmulder]

I meant to replace it with IP forwarding from a secondary IPv4 address on another host running OpenBSD, but I haven't been able to get that to work yet. Perhaps any OpenBSD/pf folk here have an idea? This is my config (where in the real file the variables are literals):

  pass in on egress inet to $secondary_ipv4 \
    af-to inet6 from $ipv6 to 2a02:a45f:8eaa::2/128

All I get is timeouts and traceroutes with infinite hops. First I tried rdr-to, but that complains of the address family mismatch.

[sjmulder]

Turns out the rule works perfectly fine, I just forgot to enable IPv4 forwarding in sysctl (in addition to IPv6, which I did enable).

[bombcar]

If it's proxying without caching, what you have is "basically" real.

It's just there have been others who put a gameboy behind a massive cache, and most requests would come back from the cache server.