by plapetomain 2331 days ago
Almost every ISP will have a firewall of some kind, but in the US this is usually just blocking 25 incoming, sometimes 80 (FiOS), maybe a few other ports.

I have run services on port 443 on Optimum and FiOS for years.

IP addresses don’t change frequently. Usually what happens is there will be some maintenance and you’ll end up with a new IP because you lost the lease in the interim. If you keep your equipment on though you can have the same reachable IP address for years.

I use a dynamic DNS service so this is rarely a big deal.

Not sure why this is so hard for you to grasp. You keep arguing, for what reason?

2 comments

"I have run services on port 443 on Optimum and FIOS for years."

What is Optimum, FIOS?

WG does not work over TCP.

Try running a UDP-only DNS server from home on some random port. If you know the port, can you reach it via UDP from the internet?

A TCP service listening on port 443 on an ISP customer's IP address in the US might be reachable from the internet. However, this topic is neither TCP nor port 443 nor is it restricted to just the US.

Optimum and Fios are two ISPs in the US.

> Try running a UDP-only DNS server from home on some random port.

No reason to run DNS.

However, I have run OpenVPN UDP between three houses (FiOS, Comcast, Cablevision) for nearly 15 years. It’s pretty common, works fine.

Again in the US... cable, fiber and DSL internet service comes with a public mostly unfiltered IPv4 address, the address is dynamic but in practice it is extremely stable.

End of story.

No idea why you’re acting like such an imbecilic tool in this thread. The whole time I have mentioned that this is the case for major US “landline” ISPs. Yes there are plenty of counterexamples, not sure what point you’re trying to prove.

"No reason to run DNS."

Hmmm, it was a yes or no question. Are you suggesting it would work if you did?

Yes, pretty much since most ISPs do not block UDP port 53.

I have no reason to run DNS on a home internet connection. What would a sane use case be? They don’t block it because it would be stupid to use it anyway.

Ports that are typically blocked include 67, 139, 161, 520, 547, etc., i.e. DHCP, RIP, SMB, SNMP... none of them are any great loss to those that want to run a VPN.

Running a VPN or SSH service is another story and it works fine both TCP and UDP.

As someone else pointed out, the issue is mainly NAT not necessarily just "blocked" ports. What works with your ISP may not work with someone else's.

Just to confirm what you are saying.

I had a Time Warner cable modem for 15 years and the IP address would only change after a sustained power outage. Usually had the same IP for a year.

My AT&T Fiber IP address has not changed in 2 years and that is even after 2 power outages of about 12 hours.