by wpm 608 days ago
My ISP is IPv4 only and I host plenty of shit and punch plenty of holes. That's a function of my firewall, not how many bits are in my IP address.

> My ISP is IPv4 only and I host plenty of shit and punch plenty of holes. That's a function of my firewall, not how many bits are in my IP address.

Not wrong, but if you want multiple servers of the same service, you're now doing custom ports (myhost:port1, myhost:port2, etc) which isn't the end of the world, but is kind of sucky.

And if we're not talking just about servers running services, but clients that want to do peer-to-peer stuff, you also have to use things like STUN/TURN/ICE which is more infrastructure that is needed (as opposed to 'just' hole punching since your system already knows its IP(v6) address).

Given the prevalence of these technologies (kludges?) they've kind of been normalized so we think they're "fine".

That's only true if you aren't behind CG-NAT. If you are, your firewall can port forward all it wants but it won't matter, the ISP would have to also port forward to you.

Even in this situation, your ISP can port forward to you.

While not universal, some ISPs support PCP, where you can ask for a port mapping to your CGNAT-ed IP and port. They might or might not honor the external port (if it is taken, they obviously cannot), but you will get some hole punched.
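
What such a PCP exchange looks like on the wire, as an added example that is not part of the thread: it builds an RFC 6887 MAP request, and a locally constructed CGNAT reply (no real server, made-up external address 203.0.113.7) shows the case mentioned above where the mapping succeeds but the suggested external port is not honored. Requested lifetime and ports are example values.

```python
import ipaddress
import os
import struct

PCP_VERSION = 2          # RFC 6887; the server listens on UDP 5351
OPCODE_MAP = 1           # MAP opcode: ask for an inbound port mapping
RESULT_NAMES = {0: "SUCCESS", 2: "NOT_AUTHORIZED", 8: "NO_RESOURCES",
                11: "CANNOT_PROVIDE_EXTERNAL", 12: "ADDRESS_MISMATCH"}

def _addr128(ip):
    """PCP carries every address as 16 bytes; IPv4 goes in IPv4-mapped form."""
    a = ipaddress.ip_address(ip)
    if a.version == 4:
        a = ipaddress.IPv6Address("::ffff:" + str(a))
    return a.packed

def build_map_request(client_ip, internal_port, suggested_port, proto=6, lifetime=7200, nonce=None):
    """24-byte common header + 36-byte MAP payload. Returns (packet, nonce)."""
    nonce = nonce or os.urandom(12)
    header = struct.pack("!BBHI", PCP_VERSION, OPCODE_MAP, 0, lifetime) + _addr128(client_ip)
    body = nonce + struct.pack("!B3xHH", proto, internal_port, suggested_port) + _addr128("0.0.0.0")
    return header + body, nonce

def parse_map_response(data, nonce):
    """Validate a MAP response and return what the CGNAT actually assigned."""
    if len(data) < 60:
        raise ValueError("short PCP response")
    version, r_opcode, _, result, lifetime, _epoch = struct.unpack("!BBBBII", data[:12])
    if version != PCP_VERSION or not (r_opcode & 0x80) or (r_opcode & 0x7F) != OPCODE_MAP:
        raise ValueError("not a PCP MAP response")
    body = data[24:60]
    if body[:12] != nonce:           # the nonce ties the reply to our own request
        raise ValueError("nonce mismatch")
    proto, internal_port, external_port = struct.unpack("!B3xHH", body[12:20])
    ext = ipaddress.IPv6Address(body[20:36])
    return {"result": RESULT_NAMES.get(result, str(result)), "lifetime": lifetime, "proto": proto,
            "internal_port": internal_port, "external_port": external_port,
            "external_ip": str(ext.ipv4_mapped or ext)}

def fake_cgnat_response(request, assigned_port, external_ip="203.0.113.7"):
    """Constructed reply for the example: SUCCESS, but with a different external port."""
    lifetime, = struct.unpack("!I", request[4:8])
    internal_port, = struct.unpack("!H", request[40:42])
    header = struct.pack("!BBBBII", PCP_VERSION, 0x80 | OPCODE_MAP, 0, 0, lifetime, 1) + bytes(12)
    return header + request[24:36] + struct.pack("!B3xHH", request[36], internal_port, assigned_port) + _addr128(external_ip)

if __name__ == "__main__":
    req, nonce = build_map_request("192.168.1.10", 8443, 8443)
    print(parse_map_response(fake_cgnat_response(req, 40123), nonce))
```

A client must read the assigned external port and address from the reply rather than assume its suggestion was granted, and should renew before the returned lifetime expires.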

> your ISP can port forward to you

But will they? Domestic ISPs are pretty hesitant to offer such, or anything in that manner.

Some do. But when they don't, it is not a fault of CGNAT (which does provide the capability) but a fault of the specific ISP that's not willing to use it.

You can't punch any holes through carrier-grade NAT (CGNAT).

You can, if your ISP cooperates, using PCP.

Frankly, you lost me at "if your ISP cooperates".

It is a function of the CGNAT at the ISP side. They need to have that enabled. Some do.

Did you miss the part about CG-NAT? Once your ISP runs out of their IP4 addresses and puts you behind a CG-NAT, you can punch all the holes you like; nothing is going to get to you.

At least not without doing fancy stuff like using an externally-hosted VPN to shuttle connections to you.

The GP has both versions, not just CGNAT (which would have made their comment less nonsensical):

> If you are behind NAT or CG-NAT

People seem to have misconceptions about CGNAT.

Of course you can punch holes there. CGNATs can be asked for port forwarding using PCP, unless your ISP disabled that.

I've yet to see a single ISP (I live in the US) that even allows customers to host services. If you look in the TOS for services like Comcast, AT&T, T-Mobile, etc, you'll see a part about hosting services being forbidden. And that's even for normal IP4 addresses that aren't behind CG-NAT. Now, they probably don't look too hard unless you give them reason (I hosted various things over a Comcast connection for a decade) but the rule is in there.

Perhaps it's different for a mom & pop ISP, but I don't see the big ones configuring anything that makes it easier to do what they already don't want you doing anyway. They see the inability to forward ports as a feature, not a bug.

I'm not in the US, but in the EU. Here, T-Mobile or Orange do not have a problem with incoming traffic, and they know that people have security cameras, doorbells, or NAS devices in their homes that they want to access from outside.

So even if you expose your Home Assistant web to the wide web, no ISP is going to have a problem with that and won't interpret it as hosting services. What they really want is that you don't run bandwidth-intensive services on a consumer connection, which is going to be overbooked somewhere in their infra, causing service degradation to other users.

And for example Orange does provide PCP for their CGNAT.