(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.
The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won’t allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.
Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.
The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.
I’m posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.
Or did I miss something that makes this make sense outside of a big money capitalist angle?
I think there are still enough v4-only systems out there that you don’t really want to host a mail server on v6. You are right though that it would be nice to be able to get static v6 (or for that matter v4) addresses from home ISPs. Some do offer that of course.
Another issue can be that the average home internet user has no idea how to keep even a client system secure. So ISPs might use NAT and default firewall configurations partly to stop incoming connections on the theory that they are likely to be malicious. On home routers you can usually open ports if you know what you’re doing. I don’t know if that’s even possible on mobile phones.
IP blocklisting is still very much a thing as well so you can expect any mail originating from a residential IP to be rejected due to their /24 or larger having previously sent spam, and that assumes you can send server-to-server mail (destination port 25/tcp) in the first place since many ISPs and server providers block traffic destined to that port by default to prevent users from getting their IP blocklisted. My home ISP blocks outbound SNMP traffic (or at least did 10 years ago) presumably to also prevent abuse. That said, things like blocking inbound port 80/tcp and 443/tcp is purely a measure to prevent people running servers at home which I’m not a fan of.
Yes, that too. I hadn’t even thought about trying to send email from a home ISP. Everyone knows you basically can’t. I thought the idea was to receive email rather than send it, so you wouldn’t be relying on some bigtech company to store it for you.
If you’re looking for sympathy, you got it. Fuck the state.
If you’re looking for solutions, use a cheap $5/mo VPS that exists purely as your gateway host. Run everything you want on your home machines, then tunnel the traffic to your gateway and reverse-proxy it there. Your data stays in your hands, you can spin up and expose new services publicly in a matter of minutes, AND your home IP isn’t vulnerable to doxxing or DoS.
@dgdft @ellie @selfhosted this is the way
While I agree on a practical level, and pragmatism sure is important, long term that workaround still keeps you paying for cloud services and gives cloud companies an easy way to directly man-in-the-middle your traffic. So I’m hoping one day the situation will improve.
@ellie @selfhosted what is the actual alternative? also, not all vps are offered by megacorps.
The alternative is to get your ISP to offer you a static IPv6 and a reverse DNS PTR entry for your IPv6, like I asked for in the initial post. Some ISPs do if you offer them more money, some only do if you offer them more money and a legit business registration, apparently a few rare ones do it for free, and some never do it.
Once you got the static IP, you can point DNS directly to yourself, and there’s no VPS or anything in between. Browser traffic and so on directly comes to your machine.
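Why the PTR entry matters for the mail server case discussed in this thread, as an added example that is not from any poster: many receiving mail servers run a forward-confirmed reverse DNS check on the connecting address and distrust mail that fails it. The addresses, host names and zone data below are constructed, and the dict lookups stand in for real DNS queries.

```python
import ipaddress

def ptr_name(addr):
    """Name under ip6.arpa (or in-addr.arpa) where the PTR record for addr lives."""
    return ipaddress.ip_address(addr).reverse_pointer

def fcrdns(addr, lookup_ptr, lookup_addrs):
    """Forward-confirmed reverse DNS: addr -> PTR name -> AAAA/A must contain addr.

    lookup_ptr(reverse_name) and lookup_addrs(hostname) return lists of strings.
    Returns (ok, matched hostname or failure reason).
    """
    ip = ipaddress.ip_address(addr)
    names = lookup_ptr(ip.reverse_pointer)
    if not names:
        return False, "no PTR record"
    for name in names:
        host = name.rstrip(".")
        for candidate in lookup_addrs(host):
            try:
                # Compare parsed addresses so compressed/expanded spellings match.
                if ipaddress.ip_address(candidate) == ip:
                    return True, host
            except ValueError:
                continue  # ignore malformed records
    return False, "PTR name does not resolve back to the address"

# Constructed sample data: documentation prefix 2001:db8::/32, example names.
STATIC = "2001:db8:1234::25"    # static prefix, PTR set by the ISP on request
GENERIC = "2001:db8:ffff::1"    # ISP-assigned generic PTR, no matching AAAA
NO_PTR = "2001:db8:abcd::25"    # dynamic prefix, no PTR at all

PTR_ZONE = {
    ptr_name(STATIC): ["mail.example.org."],
    ptr_name(GENERIC): ["dyn-ffff-1.isp.example."],
}
FWD_ZONE = {
    "mail.example.org": ["2001:0db8:1234:0000:0000:0000:0000:0025"],
}

def check(addr):
    """Run the check against the constructed zones instead of live DNS."""
    return fcrdns(addr,
                  lambda n: PTR_ZONE.get(n, []),
                  lambda n: FWD_ZONE.get(n, []))

if __name__ == "__main__":
    for a in (STATIC, GENERIC, NO_PTR):
        print(a, ptr_name(a), check(a))
```

Only the address whose PTR and AAAA records agree passes; the AAAA side is under the domain owner's control, while the PTR side requires the ISP's cooperation.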
@ellie @selfhosted I’ve never seen that from an ISP. 🤷‍♂️
Is there a more detailed guide to this practice and the pros/cons?
This is @Shimitar@downonthestreet.eu’s work, not mine - but it’s pretty similar to how I’d set things up:
https://wiki.gardiol.org/doku.php?id=networking%3Assh_tunnel
Really appreciated the reference!
Good to know my wiki is of any use to somebody.
:)
This is a huge problem. We need to start our own ISPs. Municipally owned or alongside a microgrid co-op are good options.