Hacker News new | past | comments | ask | show | jobs | submit
orangeboats | on: IPv6 is the only way forward
>What is this entitled mindset that somehow people without CG-NAT already benefit from their public IPv4?

I will raise you the opposite point: why deprive people of their ability to have a globally addressable IP address?

>But even UDP should work through CG-NAT.

I have already told you why it is wrong to make such as assumption, haven't I?

I have heard of stories coming from China and Vietnam that some ISPs implement so-called "type 4 NAT", otherwise known as symmetric NAT or NAT with endpoint-dependent mapping.

This kind of NAT is NOT hole-punchable. And because you don't control the NAT, you are simply SOL if one day your NAT decides to switch to it. Can't even use Tailscale without significant service degradation now, ouch.

Granted, I have only heard about it in Vietnam and China, and it's not a national thing -- only some provinces seem to have symmetric NAT implemented. But I feel the need to remind you that the ISPs there were able to get away with it, because the two countries have significant IPv6 presence. [0]

>Port forwarding is nice, but everyone already knows you can hardly run a server at home (even in countries where port forwarding is standard).

You can hardly run a server at home because we have been facing address space depletion since the dot com bubble.

>I hardly understand why it warrants treatment as such a terrible awful disaster.

You haven't faced an overloaded CGNAT gateway, have you? [1]

[0]: https://stats.labs.apnic.net/ipv6/XD

[1]: https://www.reddit.com/r/ipv6/comments/1as8dvy/is_there_a_wa...

LoganDark | parent
> I will raise you the opposite point: why deprive people of their ability to have a globally addressable IP address?

I wouldn't. I just don't understand, if the alternative is having no internet access at all, why CG-NAT is so utterly deplorable.

> This kind of NAT is NOT hole-punchable. And because you don't control the NAT, you are simply SOL if one day your NAT decides to switch to it.

Can you clarify what you mean by hole-punchable? If all else fails, just use TCP, right? Does TCP also not work? I'm also not talking about connection between peers but connection to a server. Connection between peers has never been a 100% reliable strategy regardless of anything.

> You haven't faced an overloaded CGNAT gateway, have you? [1]

I have not, but that is not inherent to CG-NAT, is it? Any switch or other hop between you and your destination can be overloaded. The destination itself can be overloaded.

orangeboats | root | parent
>Can you clarify what you mean by hole-punchable? If all else fails, just use TCP, right? Does TCP also not work?

I... uh, what? Please... learn more about hole punching before trying to engage in the topic.

Hole punching, in the context of NAT, is a technique where you establish peer-to-peer connection between hosts behind a NAT.

It does not matter which protocol you use, UDP or TCP or chuckles SCTP. If you want to establish P2P connection, you must hole punch.

The only alternative is to use relays.

>I have not, but that is not inherent to CG-NAT, is it? Any switch or other hop between you and your destination can be overloaded.

A typical hop does not need to maintain a huge dynamic state table. NAT, due to its very own temporal nature, must do so.

>destination itself can be overloaded.

Apples and oranges. Destination overload is a service problem. Hop overload is an infrastructural problem.

loading story #47691091