ISPs seem designed to funnel people to capitalist cloud services
-
This is @[email protected]‘s work, not mine - but it’s pretty similar to how I’d set things up:
https://wiki.gardiol.org/doku.php?id=networking%3Assh_tunnel
Really appreciated the reference!
Good to know my wiki is of any use to somebody.
-
. . . nobody at home actually runs VOIP . . .
Plenty of people used Skype and Vonage. Both were subverted because they have to assume NAT is there.
. . . quick game servers don’t need static . . .
But they do work better without NAT. That's somewhat separate from static addresses.
My old roommate and I had tons of problems back in the day when we tried to host an Internet game of C&C: Generals behind the same NAT. I couldn't connect to him. He couldn't connect to me. We could connect to each other but nobody outside could. It's a real problem that's only been "solved" because a lot of games have moved to publisher-hosted servers. Which has its own issues with longevity.
wrote on last edited by [email protected]As far as I'm aware Skype does not support actual VOIP calling anymore, at least according to Microsoft and the couple forums i just skimmed through. But it's been probably 10+ years since I've actually used it or interacted with anyone who used it haha
And I was talking about static IPs, which are different. And at least in the US (in single family homes) its crazy unlikely that your router is behind any NAT. Unless you're talking about CGNAT but anything short of a dedicated fiber run or dedicated wavelength (which are not options for residential people) you will be behind a CGNAT anyways. Even if you have a public IP.
And, anecdotally. In the last 5-8 years I don't think I've had any issues with NAT when hosting games, it's just firewall rules or my public IP changed. But ymmv on that one when playing 22 year old games haha
-
As far as I'm aware Skype does not support actual VOIP calling anymore, at least according to Microsoft and the couple forums i just skimmed through. But it's been probably 10+ years since I've actually used it or interacted with anyone who used it haha
And I was talking about static IPs, which are different. And at least in the US (in single family homes) its crazy unlikely that your router is behind any NAT. Unless you're talking about CGNAT but anything short of a dedicated fiber run or dedicated wavelength (which are not options for residential people) you will be behind a CGNAT anyways. Even if you have a public IP.
And, anecdotally. In the last 5-8 years I don't think I've had any issues with NAT when hosting games, it's just firewall rules or my public IP changed. But ymmv on that one when playing 22 year old games haha
Skype won't be supporting anything at all very soon.
What happened with Vonage is something that could happen with any kind of instant messaging, including things like Discord.
With everything directly addressable (not just static addresses, but directly addressable), an IM/VoIP service can simply connect to the recipient. No servers are necessary in between, only routers. That doesn't work with NAT (CG or otherwise), so what you have to do is create a server that everyone connects into, and then that forwards messages to the endpoint. This is:
- More expensive to operate
- Less reliable
- Slower
- A point for NSA eavesdropping (which almost certainly happened)
This is largely invisible to end users until free services get enshittified or something goes wrong.
Yes, it's only tangentially related to static addresses, but it's all part of the package. This is not the Internet we should have had.
And at least in the US (in single family homes) its crazy unlikely that your router is behind any NAT
Your router has NAT. That's the problem. CGNAT is another problem. My C&C: Generals issues did not have CGNAT.
-
Skype won't be supporting anything at all very soon.
What happened with Vonage is something that could happen with any kind of instant messaging, including things like Discord.
With everything directly addressable (not just static addresses, but directly addressable), an IM/VoIP service can simply connect to the recipient. No servers are necessary in between, only routers. That doesn't work with NAT (CG or otherwise), so what you have to do is create a server that everyone connects into, and then that forwards messages to the endpoint. This is:
- More expensive to operate
- Less reliable
- Slower
- A point for NSA eavesdropping (which almost certainly happened)
This is largely invisible to end users until free services get enshittified or something goes wrong.
Yes, it's only tangentially related to static addresses, but it's all part of the package. This is not the Internet we should have had.
And at least in the US (in single family homes) its crazy unlikely that your router is behind any NAT
Your router has NAT. That's the problem. CGNAT is another problem. My C&C: Generals issues did not have CGNAT.
All routers have NAT, that's sort of their entire role. Are you maybe talking about "double NATing" where you have your router behind the ISP modem/router?
-
. . . nobody at home actually runs VOIP . . .
Plenty of people used Skype and Vonage. Both were subverted because they have to assume NAT is there.
. . . quick game servers don’t need static . . .
But they do work better without NAT. That's somewhat separate from static addresses.
My old roommate and I had tons of problems back in the day when we tried to host an Internet game of C&C: Generals behind the same NAT. I couldn't connect to him. He couldn't connect to me. We could connect to each other but nobody outside could. It's a real problem that's only been "solved" because a lot of games have moved to publisher-hosted servers. Which has its own issues with longevity.
Fyi, Skype was officially killed by Microsoft on May 5th, earlier this month.
-
All routers have NAT, that's sort of their entire role. Are you maybe talking about "double NATing" where you have your router behind the ISP modem/router?
wrote on last edited by [email protected]No they fucking don't, that's not what routers do. You don't know what you're talking about.
And don't fucking tell me NAT is for security, either.
-
No they fucking don't, that's not what routers do. You don't know what you're talking about.
And don't fucking tell me NAT is for security, either.
wrote on last edited by [email protected]That literally is though? NAT stands for Network Address Translation. It'll take you public IP and translate those packets to use your internal one.
If your computer has an address that starts with
169,168, or10there is a NAT somewhere in your network.And it's a "security thing" in the same way that asking someone's name over the phone prevents impersonation haha
-
That literally is though? NAT stands for Network Address Translation. It'll take you public IP and translate those packets to use your internal one.
If your computer has an address that starts with
169,168, or10there is a NAT somewhere in your network.And it's a "security thing" in the same way that asking someone's name over the phone prevents impersonation haha
Have you ever chained three Cisco 2600 routers together and then successfully ping'd clients on each end? Do you know what BGP is? OSPF? Do you know the difference between routing and routed protocols?
I know you don't, because people who do don't make the claims you're making.
-
IPv6 costs money to implement so it doesn't happen without good reason.
For ISPs you need many options so that one company can't take all the business. In my area competition is steep so fiber is cheap. In rural areas I'm personally interested in community or small ISPs. Surely some people could get together and make something better.
rural ISPs still need a connection to the greater internet, what options are there when the closest non-shitty option is hundreds of miles away?
-
rural ISPs still need a connection to the greater internet, what options are there when the closest non-shitty option is hundreds of miles away?
Community run ISPs
Get some people together and start an ISP
-
<<<< has ipv4 static ip to my house. I do pay a small premium though. Like $15 bucks.
$5 for mine
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
Use hostnames and dynamic prefixes or addresses don't really matter. Haven't had an issue in years and my last isp changed prefixes multiple times a week. I mean technically it would not be available for five minutes when IP changes but never noticed.
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
You're not wrong. And the line between evil and laziness here is too messy for me to sort out. We got into this mess because the internet was originally designed as a communication tool between business, university, and government. Specifically, Bell Labs connecting universities as part of the military project DARPA. Since they were connecting dozens of sites, the 4 billion addresses (2^32) seemed like plenty.
Skipping over dialup and forward to early broadband, the issue of the number of addresses problem was 'solved' by a clever firewall technique network address translation (NAT). It was adversited as a security feature, but it allowed ISPs to give one public IP per customer. This standardized things for them - they give you one IP and you multiplex it as you wish. However, since the average customer wanted a turnkey solution, the ISPs would then toss in the modem as a rental. (Also, as enshitification hit this rental modem started getting more user hostile.)
But at this point ISPs are engorged and lazy and redoing everything is a chore, so they got one IPv6 space for everyone, and set up their IPv6 servers to assign chucks of that space based on your assigned IPv4 address. Easy-peasy! Now none of their other management or billing systems have to change! Of course, now your v6 space moves anytime your v4 space does but -they always have those business accounts to sell you …
A diamond in the rough:
When I was younger, working at a data center and IPv6 was new, I found this gem coupled with IPv6 world day (via Reddit):
https://tunnelbroker.net/Hurricane Electric was/is happy to give you a free static IPv6 /48 prefix, and you could tunnel your home connection directly to this (like a site to site VPN). Their catch is if you start pushing significant traffic you'll have to pay market rates. But if your goal is to add a free static IPv6 frontend to your home network, this has been here the whole time.
Similarly, I've read Cloudflare's Terms of Service [privacy policy, et al.] and they're fairly tame compared to many. I'm also partial to their WARP technology. The idea is the end user's traffic is encrypted and sent to any of Cloudflare's servers and from there they can then bounce to anywhere in the world (a handy trick if you need to get around a great firewall or other tools of censorship). If your home lab uses Cloudflare's tunnel, and your phones use WARP, the only thing a third party can see it that you're using the largest CDN in the world - which is sorta a 'well, duh' statement. Cloudflare's schtick is they don't need limits - they can flood you home connection and it wouldn't be a blip on their radar. However, they need to run variations of these technologies to operate their primary business. So making a copy for you to use is almost trivial. (And if you go viral and suddenly need a CDN, I'm sure they can sell you some)
Tl;dr: you're not wrong, but the desert has water in it, if you know where to look.
-
If you’re looking for sympathy, you got it. Fuck the state.
If you’re looking for solutions, use a cheap $5/mo VPS that exists purely as your gateway host. Run everything you want on your home machines, then tunnel the traffic to your gateway and reverse-proxy it there. Your data stays in your hands, you can spin up and expose new services publicly in a matter of minutes, AND your home IP isn’t vulnerable to doxxing or DoS.
@dgdft @ellie @selfhosted this is the way
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
There are some good ISPs out there. My ISP in Australia (Leaptel) gives me the option to enable static IPv6 /48 for free.
-
That literally is though? NAT stands for Network Address Translation. It'll take you public IP and translate those packets to use your internal one.
If your computer has an address that starts with
169,168, or10there is a NAT somewhere in your network.And it's a "security thing" in the same way that asking someone's name over the phone prevents impersonation haha
Not really.
And even as a network amateur I know that its
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16and 169.254.0.0/16 is not even routable so no dice with NAT.
So someone can connect to you just with with a public IPv4 starting with 192.x.x.x
-
There are some good ISPs out there. My ISP in Australia (Leaptel) gives me the option to enable static IPv6 /48 for free.
Cries in American
-
All routers have NAT, that's sort of their entire role. Are you maybe talking about "double NATing" where you have your router behind the ISP modem/router?
That's not the point of a router. It is one feature that most of not all now have, but it's not their primary purpose.
-
There are some good ISPs out there. My ISP in Australia (Leaptel) gives me the option to enable static IPv6 /48 for free.
wrote on last edited by [email protected]No german ISP that i know of does this, it's awful. One doesn't even offer reverse IP ptr entries whatsoever, even if you had a static IP.
You know, what's kind of encouraging is that I posted something similar to this complaint on reddit, and 100% of the responses were corporate apologia how it would apparently be so much work and so much more expensive to provide a static instead of a dynamic IP, or how routing through VPSes is so much better anyway. I hadn't realized the reddit to lemmy brain drain was so bad, which seems good for decentralized morally good hosting.
-
That literally is though? NAT stands for Network Address Translation. It'll take you public IP and translate those packets to use your internal one.
If your computer has an address that starts with
169,168, or10there is a NAT somewhere in your network.And it's a "security thing" in the same way that asking someone's name over the phone prevents impersonation haha
It'll take you public IP and translate those packets to use your internal one.
That is NAT, yes. But that is only one small function that a router can perform, and not all routers have NAT enabled. You only need NAT if your ISP only allows you to use a single IP address.
If your computer has an address that starts with 169, 168, or 10 there is a NAT somewhere in your network.
That's not actually true. I can create such a network without connecting it to the internet, no NAT. I can create a second network, again, no NAT. I can then use a gateway router that allows any node on the first network to reach any node on the second. That router is still not doing any NAT. It's just passing traffic between two networks.
