ISPs seem designed to funnel people to capitalist cloud services
-
If you’re looking for sympathy, you got it. Fuck the state.
If you’re looking for solutions, use a cheap $5/mo VPS that exists purely as your gateway host. Run everything you want on your home machines, then tunnel the traffic to your gateway and reverse-proxy it there. Your data stays in your hands, you can spin up and expose new services publicly in a matter of minutes, AND your home IP isn’t vulnerable to doxxing or DoS.
@dgdft @ellie @selfhosted this is the way
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
There are some good ISPs out there. My ISP in Australia (Leaptel) gives me the option to enable static IPv6 /48 for free.
-
That literally is though? NAT stands for Network Address Translation. It'll take you public IP and translate those packets to use your internal one.
If your computer has an address that starts with
169,168, or10there is a NAT somewhere in your network.And it's a "security thing" in the same way that asking someone's name over the phone prevents impersonation haha
Not really.
And even as a network amateur I know that its
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16and 169.254.0.0/16 is not even routable so no dice with NAT.
So someone can connect to you just with with a public IPv4 starting with 192.x.x.x
-
There are some good ISPs out there. My ISP in Australia (Leaptel) gives me the option to enable static IPv6 /48 for free.
Cries in American
-
All routers have NAT, that's sort of their entire role. Are you maybe talking about "double NATing" where you have your router behind the ISP modem/router?
That's not the point of a router. It is one feature that most of not all now have, but it's not their primary purpose.
-
There are some good ISPs out there. My ISP in Australia (Leaptel) gives me the option to enable static IPv6 /48 for free.
wrote on last edited by [email protected]No german ISP that i know of does this, it's awful. One doesn't even offer reverse IP ptr entries whatsoever, even if you had a static IP.
You know, what's kind of encouraging is that I posted something similar to this complaint on reddit, and 100% of the responses were corporate apologia how it would apparently be so much work and so much more expensive to provide a static instead of a dynamic IP, or how routing through VPSes is so much better anyway. I hadn't realized the reddit to lemmy brain drain was so bad, which seems good for decentralized morally good hosting.
-
That literally is though? NAT stands for Network Address Translation. It'll take you public IP and translate those packets to use your internal one.
If your computer has an address that starts with
169,168, or10there is a NAT somewhere in your network.And it's a "security thing" in the same way that asking someone's name over the phone prevents impersonation haha
It'll take you public IP and translate those packets to use your internal one.
That is NAT, yes. But that is only one small function that a router can perform, and not all routers have NAT enabled. You only need NAT if your ISP only allows you to use a single IP address.
If your computer has an address that starts with 169, 168, or 10 there is a NAT somewhere in your network.
That's not actually true. I can create such a network without connecting it to the internet, no NAT. I can create a second network, again, no NAT. I can then use a gateway router that allows any node on the first network to reach any node on the second. That router is still not doing any NAT. It's just passing traffic between two networks.
-
It'll take you public IP and translate those packets to use your internal one.
That is NAT, yes. But that is only one small function that a router can perform, and not all routers have NAT enabled. You only need NAT if your ISP only allows you to use a single IP address.
If your computer has an address that starts with 169, 168, or 10 there is a NAT somewhere in your network.
That's not actually true. I can create such a network without connecting it to the internet, no NAT. I can create a second network, again, no NAT. I can then use a gateway router that allows any node on the first network to reach any node on the second. That router is still not doing any NAT. It's just passing traffic between two networks.
Yeah you're right, I was simplifying to the point where I was a little mistaken. I was assuming y5ou're network was connected to the Internet and was just a standard residential setup, but this is a much better explanation.
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
They don't care about "capitalist cloud services", they just care about money. If they can charge you a premium for more advanced features (they can) then they will.
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
Yeah it's fucked up.
I've noticed that on my cell phone's cell connection, I can't access my home server, but I can access my cloud site.
I'm guessing either XFinity blocks connections from cell IPs thinking they're spam, or my cell carrier blocks connections to home IPs thinking they're scams.With a little more debugging I'll either change cell carriers or ISPs soon I hope. If I have to register a business maybe I'll make an LLC and run a lemonade stand or something lol.
-
There's pretty much no use for a normal person, just for business and power users like the person above you.
For your couple examples, nobody at home actually runs VOIP except a couple nerds just like nobody has home phones except a couple of old people. And quick game servers don't need statics, and if you are hosting something long term that would push you into the power use space.
It would be handy for piracy to always know your friend's IP addresses. Like friend-to-friend networks like Retroshare
-
Use hostnames and dynamic prefixes or addresses don't really matter. Haven't had an issue in years and my last isp changed prefixes multiple times a week. I mean technically it would not be available for five minutes when IP changes but never noticed.
It's just one more bullshit thing to set up, but yeah I might be doing it soon.
-
Is there a more detailed guide to this practice and the pros/cons?
-
It would be handy for piracy to always know your friend's IP addresses. Like friend-to-friend networks like Retroshare
And having a friend-to-friend piracy network absolutely pushes you into "power user" territory lmfao
-
Yeah you're right, I was simplifying to the point where I was a little mistaken. I was assuming y5ou're network was connected to the Internet and was just a standard residential setup, but this is a much better explanation.
was just a standard residential setup,
The distinction is important because we are discussing IPv6. A "standard residential setup" with IPv6 would provide the user with an entire subnet rather than a single IP address. We still need a router to pass traffic from the ISP's network to our own network, but we no longer need NAT.
-
I think really it's designed because you're a consumer. Most people consume far more bandwidth than they upload, so asymmetry is more efficient.
It's also self-reinforcing, by making that the norm it then shapes future development and expectations.
![😕](https://forum.agnos.is/assets/plugins/nodebb-plugin-emoji/emoji/android/1f615.png?v=704ab443e62 ":-\")
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
If you have control over at least the root of your network you can totally get away with hosting in a dynamic pub ip. You just need to set up dynamicdns. There are other ways of handling this specific issue too. You can always go to a colocation and set up a server there if you want. You could also create your own reverse proxy tunnel in a place that is public then forward it. There are lots of work arounds really. Yeah, it sucks that American ISPs generally don’t support ipv6 but there are totally ways to work around it all.
What really gets me up in arms is when they advertise gigabit connections or 500mb speeds only to limit upload to 20mb/s. That is where they are actively inhibiting self hosting communities.
-
(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
We seriously need an international co-operative (Worker-owned) ISP.
-
If you have control over at least the root of your network you can totally get away with hosting in a dynamic pub ip. You just need to set up dynamicdns. There are other ways of handling this specific issue too. You can always go to a colocation and set up a server there if you want. You could also create your own reverse proxy tunnel in a place that is public then forward it. There are lots of work arounds really. Yeah, it sucks that American ISPs generally don’t support ipv6 but there are totally ways to work around it all.
What really gets me up in arms is when they advertise gigabit connections or 500mb speeds only to limit upload to 20mb/s. That is where they are actively inhibiting self hosting communities.
Even in an ideal DNS setup, you're probably going to have downtimes whenever your dynamic IP changes. If only because some ISPs even force-disconnect you after a while to change your address.
-
Even in an ideal DNS setup, you're probably going to have downtimes whenever your dynamic IP changes. If only because some ISPs even force-disconnect you after a while to change your address.
I mean I’ll be real. Sure in some circumstances that could be an annoyance for 15 seconds for some software that might rely on a session whenever your ip changes like once a month if that. A rotating ip is probably one of the easiest things to work around amongst the plethora of challenges that ISPs present for those who want to self host.
I mean just take a look at what is involved if you are in a situation where cg-nat is implemented. You legitimately have no control over the root of your network at that point. I have that issue in particular with what is essentially a mobile hotspot as my failover for when my fiber fails. That being said I had to architect it in a way that took that took cg-nat into consideration. If I hadn’t then when fiber fails it would take down my services as a whole anyway.
My point is that those challenges have workarounds, you can solve those issues relatively easily and they even present a level of security. Where it is actively malicious is with restrictions to capacity such as upload limits in which they to a degree lie about their speeds and capacity. The terms of service stuff is just flat out awful too.
