Self Hosting and CGNAT

I'm glad. I hope you subscribe and check out some of my other content. Come by chat.scottibyte.com to chat or say hi.

Glad to have helped.

If that is the case, then look into getting "Cloudflare Tunnel". It will let you self host because your domain traffic will be routed through a dedicated tunnel.

I didn't really mention it, but you might also want to consider using Cloudflare as your DNS provider. Cloudflare provides a tunnel for your domain which can get around the lack of an IPv4 WAN address.

@@scottibyte Thanks Scotti. I actually decided to write some python scripts along with VPS to implement a cheaper method to deal with the cgnat. Hopefully will produce a youtube vid. once completed. Your video was really helpful to get me there.

@@wandering3ngineer Really good to hear. I tend to solve issues with infrastructure solutions rather than code because my background is as a systems architect. If you are successful, you sure will help a lot of folks with your solution. Thanks.

I have a couple groups of subjects that are covered in three videos. I might have to take your advice about the playlists. Just researching topics of interest and creating content is a full time job.

I believe so. CGNAT is only for ipv4. As a test, open an ipv6 address on your router. Use your cell phone and disconnect from wi-fi. Use a ping utility on the phone to ping the opened ipv6 address. That should work. CGNAT, or any NAT for that matter, is a way of preserving public IP address space. CGNAT causes problems with hosting because it is "double NAT". In contrast, an IPv6 address for any machine is a "global address". To make any IPv6 address accessible from the public Internet, all you need do is provide an ipv6 routing rule to allow access on your router. I have several of my videos that address ipv6 hosting. I like ipv6 a lot because you don't have to worry about reverse proxy which is only needed for ipv4. The downside of ipv6 is that if you create an ipv6 service, your end users must use ipv6 to connect to it. Nowadays, ipv6 is offered by almost all ISPs. The downside is most folks have not configured it on their router. Interesting that all cell phone providers have ipv6 enabled all the way to the user device. Configuring and using ipv6, particularly in the US, seems to be a personal choice. IPv6 has become much more prevalent in Western Europe. Thanks for the comment and please like and subscribe and I would feedback for future topics you want to see.

every ipv6 assigned even from cellular data is a IPv6 Public IP..even though it's on AP mode...the devices connected to the hotspot that's using cellular network even have their own Public IPv6

Verizon Home is CGNAT and is based on 5G cellular. FIOS is a home ISP and has a WAN address and is not CGNAT.

I am actually betting that your ISP has IPv6, but the level 1 support had no idea what you were asking. Sadly, that happens too often.

@@scottibyte Yes, many ISP customer support have no clue as they just read a script like "bots". All ISPs will have IPV6 support but many do not want to support IPV6 as this will mean they have to give their users a FREE static IPV6 address. If they use IPV4, then, they can sell IPV4 addresses for premium fee. This is economy!

You have to have IPv6 support from your ISP and most do. I have other videos on IPv6 as well as a three part blog entitled "The Joys of IPv6" on my website under the blogs section. Realize that with IPv6, only IPv6 users can connect to your website. If you want to use IPv6 with CGNAT consider making CloudFlare your DNS Domain name provider. They have a product called "Cloudflare Tunnel" which will allow you to serve Ipv4 services hosted on your LAN despite CGNAT.

You are welcome.

Be sure to watch "Why you want Cloudflare Zero Trust Tunnel". It's a great CGNAT solution.

​@@scottibyte My purpose is to start a website for public access. It has minimal html but heavy database transfers. Cloudflare tunnel costs become will prohibitive eventually. VPS is the only remaining solution.

@@prashanthb6521 Cloudflare Zero Trust Tunnels are FREE. Watch my video entitled "Why You Want Cloudflare Zero Trust".

CGNAT is most commonly deployed in cellular data networks. This is because of the necessity to preserve ipv4 addresses considering the numbers of mobile devices.

​@@scottibytewell,too bad..in my country here, they're CG-NATing on fibre now...but dynamic public IP is available on more pricey plans...even a dynamic public IP can be turn into profit for ISP

@@mikhailsimon9027 consider Cloudflare tunnels.

The only issue with Zero Tier is that it is an enclave. That works fine for those granted access to it. If you offer a website with Zero Tier, then the end user would need to be a Zero Tier user.

​@The Antogist "it’s taken my nearly a year to gather the knowledge"
It doesn't end there, there's always more to know. And if you thought that you're already angry at the situation, you will become even angrier.
But for now...
All of it would've been over if ISP's just enabled IPv6 on their hardware.

@The Antogist You bring up some interesting points. In regards to CGNAT, it creates a problem with double NAT that any person doing hosting shouldn't really consider that flavor of internet service without knowing what that they are getting into. A lot of content creators have addressed Zero Tier.
In terms of general hosting, my channel attempts to address the problems and issues that I haven't seen covered very well or not at all. Really the key to hosting behind a single IPv4 address is reverse proxy and lots of folks have covered NginX Reverse Proxy and Traefik,
I have at least three videos on IPv6 hosting and a three part series on my website entitled "The Joys of IPv6". Literally every ISP customer can avail themselves of IPv6 even if their IPv4 connection is on CGNAT. ISP's all provide IPv6 prefix delegations to their end users.
The sad part is that end uses don't have IPv6 configured on either their routers or LAN segments. I advocated a move towards more IPv6 hosting which is much simpler and has no need for reverse proxy. Besides, we are out of IPv4 addresses in the world and NAT networks have only provided a mere band-aid.
The router configuration question is always an issue. I venture to say that 50% of the routers out there have UPNP enabled and default passwords. I try to frequently address security and routers come in some many flavors. People that want to self-host need to learn their router or purchase a router that provides the features they need with quality documentation. Do you know how many routers out there have not even gotten a security update in ten years? It's crazy and scary to think about that.

@@denniscleaver3559 So, Dennis the scary part is that literally all ISPs have enabled IPv6. Sadly IPv6 has not been taken seriously. ISPs have IPv6 prefix allocations for their customers, but the routers simply do not have IPv6 turned on in the router at the WAN level. I have seen where an ISP have IPv6 configured at the WAN level on the router but ignored setting the router functionality for IPv6 on the customer LAN. I have IPv6 enabled on my WAN interface and on three of my VLANs. A bunch of IPv6 education is needed before it is used more. I have at least three IPv6 videos on this channel.

@@scottibyte Education about IPv6, exactly.
Most students are taught today to simply "ignore" IPv6 when they're doing anything with networking, if not to outright disable it.
Weeks are spent going over subnet masks and NAT, but maybe a few hours about IPv6 which would make those things obsolete.

Glad it helped.