by anderspitman 2107 days ago
There's a comment above that indicates tunnel brokering can't handle NAT situations (at least CGNAT).

RFC3053[0] seems to indicate this can be a problem as well:

> 3. Known limitations
>
> This mechanism may not work if the user is using private IPv4 addresses behind a NAT box.

Are you saying it works even behind a NAT?

EDIT: According to HE's own FAQ[1]:

> If you are using a NAT (Network Address Translation) appliance, please make sure it allows and forwards IP protocol 41.

That doesn't sound like something most ISPs are likely to support. Not sure about home routers but if it has to be configured manually we're back to square one.

[0]: https://tools.ietf.org/html/rfc3053

[1]: https://ipv6.he.net/certification/faq.php

1 comments

I don't know exactly anymore, because I'm now with a different ISP which natively supports v6. So can't reproduce.

I mean I (probably) could, but don't want to, because now I have IPv4 via CGNAT, but not with a private IP, a public dynamic one probably shared with who knows how many others.

But I can use IPsec/OpenVPN/WireGuard to somewhere else with that. Though my CPE supports GRE.

Anyways, there are large implementation differences in CGNAT from ISP to ISP and even different access technologies within the same.