Hacker News new | ask | show | jobs
by baddox 3650 days ago
My only complaint is that for home service there is no way to get a public IP address, so you've got to get an external server if you want to access your home computers from elsewhere on the Internet.
3 comments
boulos 3650 days ago
Yeah they ran out of v4 addresses a little while back, but you can always get an IPv6 address from them. To avoid having most people get confused by IPv6 though they seem to have some form of layered IPv4 NAT (one IP per building or something, and then your "own" IP), which in a different building I discovered and found more confusing than "oh look, just straightforward v6 only".
link
p1mrx 3650 days ago
> "oh look, just straightforward v6 only"

An ISP that doesn't provide at least outbound IPv4 connectivity would rapidly lose all of its customers.

IPv6-only with NAT64 is doable when you control the set of attached devices; see T-Mobile US, with phones that implement 464XLAT.

link
lokedhs 3650 days ago
Earlier in this thread, it was mentioned they are offering IPv6. I'd expect those addresses to be public at least?
link
baddox 3650 days ago
I wasn't aware of that. I'll have to look into it.
link
anxman 3650 days ago
Internal IPv6 addresses are publicly addressable on Webpass but you may have to enable it on your router.

If you have terminal access to your router and it supports iptables, you can manually enable forwarding for a specific port like this:

ip6tables -I INPUT -p tcp --dport 5005 -j ACCEPT ip6tables -I INPUT -p tcp --dport 5005 -j ACCEPT ip6tables -I FORWARD -p tcp --dport 5005 -j ACCEPT ip6tables -I FORWARD -p tcp --dport 5005 -j ACCEPT ip6tables -I FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

Note that if you're using this for Api callbacks like AWS Lamda, they do not support IPv6 and then your best bet is a VPN tunneled to your local device.

Good luck!

link
fulafel 3649 days ago
What's the use case for using port forwarding with IPv6 rather than just allowing the traffic to the machine in question?
link
p1mrx 3649 days ago
I believe the above ip6tables rules already do what you describe; the only target is "ACCEPT", with no packet mangling.
link
brbsix 3650 days ago
Do you only need access for yourself? If so, you should really check out ZeroTier. I use it on my Android phone and Linux boxes and have been really happy with it.
link
ukd1 3650 days ago
This; it's awesome!
link