CGNAT and Servers

[Geffers]

Appreciate there are a few gamers and nerds on this platform so curious, I run a few servers on my home network purely for personal use, very little public traffic.

I recently signed up for (Still can cancel) Community Fibre, now I find out they operate a CGNAT system whereby public IP address is hidden behind a shared address, this results in my servers not being available when away from home.

Anyone any remedies for this? I was totally unfamiliar with CGNAT until I found the port redirections in my router didn't work any more.

Geffers

 

[data66]

Interesting post! Thanks. This might be something that @petermarkley has info on perhaps.

 

[Retro]

Firstly, contact their tech support and see if you can get a dedicated IP address. If not, then perhaps a dynamic DNS service might help. That cgnat is bloody awkward, must agree.

 

[petermarkley]

This might be something that @petermarkley has info on perhaps.

Sorry, networking is one of my (several) weak spots in IT …

 

[Retro]

Sorry, networking is one of my (several) weak spots in IT …

Son, I am disappoint, tsk.

 

[Retro]

@Geffers I've just come across this user review at ISP Review that I think will interest you and it's not very good news regarding what you want to do, unfortunately.

dtt588's Review for Community Fibre - ISPreview UK

ISP Review UK

www.ispreview.co.uk

 

[Geffers]

Maybe a remedy, need to check for reliability....

Re my VPN and how I appear to have overcome CGNAT.

With ssh one can log in to a remote computer and have a terminal window as though on the remote computer. With certain settings you can transfer a server port on your local machine to a remote but you can do it the other way too. Effectively an encrypted proxy or reverse proxy.

I have a freebie cloud Linux system on Oracle..

What I've done is, from my VPN server I ssh into my Oracle system but transfer the VPN ports to the Oracle computer. Because I've made an outward connection it'll accept the replies through the CGNAT. I can now log in to my VPN on the Oracle system even though there is no VPN server on that system.

I had to allow VPN via TCP rather than UDP so not 100% how that will affect usage. Plus I have to have the ssh connection from the VPN to Oracle continuously open and maybe create a script to check if connection is active and if not reconnect, that will be easy enough.

Maybe a better way would be to use IPv6 but I haven't got my head round the 128 bit addressing system.

Geffers

 

[Retro]

Great to see that you've found a way round the CGNAT restriction as Community Fibre are cheap for what they give you and reliable.

Maybe a better way would be to use IPv6 but I haven't got my head round the 128 bit addressing system.

Yeah, I can't hack that either. So much easier to handle IP addresses like 192.168.0.1 than those long, incomprehensible and unmemorable strings of numbers. I'm not looking forward to the day when they become the default and we have to use them all the time.