Self Hosting and CGNAT

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] so [Music] hello and welcome back to the channel once again this is scott and today we're going to talk about self-hosting in cgnat so originally back in the 1980s every device had an ipv4 address that was directly on the internet early in 1993 network address translation was created to save ipv4 addresses on the internet by providing each customer a single ipv4 address for their router or gateway and a private address range behind that router this saved valuable ipv4 public addresses and also provided a means to implement basic security easily in 2009 ipv4 address exhaustion was more critical than ever and so then large-scale nat lsn or carrier-grade nat cgnat as it's more often referred to was created so what exactly is cgnet well carrier grade nat adds an extra translation layer it's a little bit like double net where you have a router behind a router instead of a wan address on the internet a customer receives an isp granted private ipv4 address for their router this isp private ipv4 address relays to a shared isp public ipv4 address for connection to the internet so multiple customers in a cgnat share the same public address on the internet this is referred to also as nat 444 because it is a private to private to public connection which basically means that if you're on a system be behind a cgnat that system is the first private address the second private address is the address your router gets and the third pro and the third address is a public connection off to the public internet so cgnat is most common with cell phone data networks and they use dual stack ipv4 with cgnat and ipv6 to mitigate ipv4 public address exhaustion and other services that i know of like verizon the new verizon home network also use cgnat so cgnap breaks typical self-hosting because there's no public ip address on your router that you can host on so what are the options to host on cgnet well if your hosted application can make an outbound request and establish a link as is the case with tor routing my self-hosting on the dark side video covers this and may answer some of your questions if you use ipv6 instead of ipv4 then cg that's not used and my self-hosting on unifi ipv6 covers this and if you use a site-to-site virtual private network to a virtual private server the vps can be a gateway for offering your self-hosted services by providing an ipv4 public address where your isp does not so what about the tor solution tor is the onion router and i have some videos on that tor is an effective and extremely private solution tor relays between multiple nodes so performance is very slow unfortunately and tor has no public directory like domain name services for your services tor works because connections from the tor network back to your services are along an established path that got initiated from your hosted application server configured to run tor so what is the ipv6 solution well ipv6 is actually the best choice because every host on your private network has an ipv6 public global address and no nat of any kind is needed including cgnat so you can see my website hosted blogs on the joys of ipv6 which is a three-part series and there it is on my web server the only downside to using ipv6 is that your end users must have ipv6 configured on their network to access ipv6 services so what about the vps solution well a virtual private server is a service that you a server rather that you establish at a service provider like amazon web services digitalocean lenode or google cloud and a vps can be configured using a virtual private network vpn connection to your home network giving it a public address for your self-hosted services downside is that a vps or vpn combination and appropriate routing rules require some work and the service costs additional money for the hosted server so in summary the easiest and free solution to self-hosting on a cgnat network is to bypass it entirely by using ipv6 we should be migrating to ibv6 but despite the fact that isps all provide ipv6 prefix delegations for end users ipv6 has not caught on as fast as it should and that's primarily because people have to learn it and people have to use it so learn ipv6 via my blogs and my channel anyway thanks for listening today and please subscribe and like and we'll see you down the road the next time thank you [Music] [Applause] [Music] you

Info

Channel: Scotti-BYTE Enterprise Consulting Services

Views: 161

Rating: undefined out of 5

Keywords:

Id: KKUMZ_b_0FM

Channel Id: undefined

Length: 7min 4sec (424 seconds)

Published: Sun Nov 07 2021