now that i have the bsky, i wish to learn how use the interactive, so called "federated", or decentralized capabilities (and API)
would you believe i didn't know about cgnat ? so. yeah. brain damage. but i digress.
https://bsky.app/profile/ajaxstardust.bsky.social/post/3lrftpdpxok2v
For example. If I want those "Mastodon users" to be "linked"
@AMS @cadey well, #Anubis allegedly does account for #Browsers like #LynxBrowser and handles them gracefully, unless they violate thresholds to stop scrapers that fraudulently use a fake #UserAgent, and then it'll soft-ban those.
Neulich in der Redaktion: Der Kuschelmammut schweigt!
Eine Funny-Story, warum unser Kuschelmammut fast 24 Stunden ausgefallen war.
https://funime.de/2025/05/29/neulich-in-der-redaktion-der-kuschelmammut-schweigt/
#Anime #funime #kuschelmammut #mastodon #CarrierGradeNAT #CGNAT #DSLite.
#verdammtedreckstechnik
What is CG-NAT ? #Cgnat
*ChatGPT_CGNAT-Gateway.md*
🧠 TL;DR
1995:
Your router got a public IP. It was a first-class citizen on the internet.
Today:
Your router gets a private IP. The ISP rewrites all your traffic behind a shared CGNAT gateway.
Result:
No port forwarding, no inbound access, no real ownership of your connection.
That’s why all self-hosting, devops, and bot stuff breaks — unless you punch a hole in it with tricks like tailscale, ngrok, or your own reverse tunnel to a real server with a public IP.
~4o
> You said:
> hold on. you said,
>> "the world TCP/IP was built for. 💥 What Changed? Why That Died"
> i didn't realize anything died.!!! oh no! [ please explain ... ]
**ChatGPT said:**
*Exactly*. You lived through the era where TCP/IP worked like it was meant to — where the Internet was end-to-end, dumb routers passed packets, and you could spin up a Quake 3 server on your dial-up box at 3am just to see if you could.
Then, somewhere along the way… we lost the Internet and nobody told us.
😱 What You Missed (Because No One Announced It)
You didn’t miss it because you were out of touch — you missed it because:
ISPs never said, “Hey, your connection is now fake.”
NAT layers just crept in silently like mold behind drywall
@destiny yes, but that deoends on your ISP, Internet Setup, Firewall and how shoved your NAT table is.
If you have proper Dual-Stack (static #IPv4 + #IPv6 /64 subnet) then you should be able to get that.
If you have #IPv4only and/or #CGNAT then this will throttle you just like when you have an #ISP that doesn't properly #peer or even acts as #racketeer towards other providers and sabotages #P2P like #KT from #SouthKorea.
I was able to max oit the wifi at my university for downloads in the past...
I had a thought earlier: is stateful #NAT guaranteed to never scale as well as stateless routing? My thinking is yes, since stateful NAT creates entries for each connection (a pair of hosts), whereas routing tables have entries per host destination. For N hosts, the worst case routing table would have N entries, but worse case connections would be N(N-1), which is basically N^2.
Now I wonder if there are distributed state #CGNAT implementations. Though that might be harder than moving to #IPv6
Is anybody doing #SelfHosting from behind a Carrier-Grade NAT (#CGNAT)?
My ISP isn't really helpful about providing a dedicated IP and ports (I don't even need a fixed IP...).
Are services like #TailScale an option?
@Jarek @landley that assumes #IPv6 addresses are static (Providers in #Germany do "pseudostatic" alike #IPv4 and unless one's a business customer, will forcibly disconnect once each 24 hours and reassign a new IP) and that applications ain't configured to prefer IPv4 over IPv6 just to avoid timeouts and having to check if IPv6 exists since the only "#IPv6only" #ISP I know is #Starlink (and even they do #CGNAT due to customer complaints…)
@landley @jschauma @ryanc @0xabad1dea yeah, the exhaustion problem would've been shoved back with a #64bit or sufficiently delayed by a 40bit number.
Unless we also hate #NAT and expect every device to have a unique static #IP (which is a #privacy nightmare at best that "#PrivacyExtensions" barely fixed.)
I guess using a #128bit address space was inspired by #ZFS doing the same before, as the folks who designed both wanted to design a solution that clearly will outlive them (way harder than COBOL has outlived Grace Hopper)...
If I was @BNetzA I would've mandated #DualStack and banned #CGNAT (or at least the use of CGNAT in #RFC1918 address spaces) as well as #DualStackLite!
@landley @jschauma @ryanc @0xabad1dea well, #CGNAT has it's own problems and bricks connectivity forr many applications.
@teezeh
Alle, sind nur aus dem #LegacyNet erreichbar, geht alles durch die #CGNAT s speziell der kleinen ISPs, nur weil beim @ZDF niemand die richtigen Dualstack Akamai Endpunkte im DNS eintragen kann.
Betrifft ja nur ca. 75% der Nutzenden, scheint aber nicht relevant zu sein.
Wenn man manuell die Endpunkte überschreibt kann man @ZDF auch aus dem Internet erreichen.
Der @NDR kann es ja auch.
@SebastianM6L Yes, it serves my purpose well. You can also use it as a reverse proxy directly on the local network, but I wanted to secure my external ports.
Additionally, I have applied for a fiber-optic connection and will need a plan to make my services accessible behind #CGNAT in the future.
Now, the IPv4 and IPv6 addresses of my VPS are essentially the ones to which the domains are forwarded, and from there, a tunnel connects to my home lab.
bueno, pues a lo mejor hay que ir a casa del señor #pepephone a quemarle los internetes, porque vuelvo a estar sin stremio y algo me dice que es culpa del bloqueo a #Cloudflare OTRA VEZ, a pesar de que me solucionaron la "incidencia" sacándome de #cgnat
el finde pasado no estuve en casa para comprobar si funcionaba, pero ahora mismo esto no chuta.
CGNAT frustrates all IP address-based technologies | Cybersecurity | SIDN
https://alecmuffett.com/article/112584
#OnionNetworking #cgnat
CGNAT frustrates all IP address-based technologies | Cybersecurity | SIDN
Aside from the observation that this is basically one half of a Tor networking connection, one might also observe MAYBE THERE IS A PROBLEM WITH THE SUPPOSED LEGAL OBLIGATION AT HAND, HERE:
One practical outcome is that government agencies find it harder to identify criminals behind particular IPv4 addresses. According to Europol, access providers are no longer able to meet their legal obligation to provide details of the account holder linked to a given connection. Because, in some cases, a single IPv4 address is shared by thousands of users. As a result, the agency says, investigations often involve examining and tapping the connections of many more people than really necessary.
https://www.sidn.nl/en/news-and-blogs/cgnat-frustrates-all-ip-address-based-technologies
It continues:
In a document entitled ‘Resilience, Deterrence and Defence: Building strong cybersecurity for the EU’, the Commission explains how the EU wants to promote the adoption of IPv6. The ultimate aim is to have one user per IP address to facilitate the investigative activities of the police and security services. Procurement policy, research and project funding, and covenants will be used by the Commission in pursuit of its goals.
Here in the Netherlands, the Ministry of Economic Affairs is currently looking at ways of energising the country’s tardy migration to IPv6.
Sounds lovely…
📡🥴 Oh no, #CGNAT is wreaking havoc again! Our beloved IP address-based #tech is more frustrated than a cat in water. SIDN's #article bravely tackles the issue, but somehow ends up sounding like a Dutch IKEA manual. 🚪🔧
https://www.sidn.nl/en/news-and-blogs/cgnat-frustrates-all-ip-address-based-technologies #IPaddress #Frustration #SIDN #DutchIKEA #HackerNews #ngated
CGNAT frustrates all IP address-based technologies (2019) — https://www.sidn.nl/en/news-and-blogs/cgnat-frustrates-all-ip-address-based-technologies
#HackerNews #CGNAT #IPAddress #Technology #Networking #InternetIssues #2019
🚀 Wow, groundbreaking news from 2025: Using aged Raspberry Pi with #Tailscale is...useful? 🤔 Apparently, discovering this decades-old tech marvel is like finding out water is wet. 🌊 But hey, at least there's a riveting tale of overcoming #CGNAT and the epic conclusion that port forwarding is hard. 🙄 Bravo! 👏
https://blog.6nok.org/tailscale-is-pretty-useful/ #RaspberryPi #PortForwarding #TechNews #HackerNews #ngated
