Considerations about hosting at home (no business contracts, only private customers) regarding internet protocol and DNS, e.g. for remote access of Raspberry Pi, syncloud, nextcloud, owncloud ...
# | type of access(server) / short description | comments, use cases, problems | client connection via | usage trend |
---|---|---|---|---|
1. | IPv4 public address - directly connected | servers in data centers, PCs terminating ppp-sessions, smart phones with special APN-settings | IPv4 |
|
2. | IPv4 private address, with NAT at own router | historical DSL, user needs tcp/udp port forwarding for own server at own router (upnp or manually) | IPv4 |
|
3. | IPv4 private address, with NAT at ISP-level (carrier grade NAT) | widely used by mobile internet service providers and some stupid fiber ISP, user needs relays (third party server) or PCP (isn’t available), usually no server possible, | no |
|
4. | dual stack: IPv4 public address + IPv6, directly connected | usually used for servers in data centers | IPv4/IPv6 |
|
5. | dual stack: IPv4 private address (NAT) + IPv6 directly connected | DSL, widely used, e.g. Deutsche Telekom, user needs tcp/udp port forwarding for IPv4 and a configurable firewall for IPv6, (customer routers by Deutsche Telekom “speedport” usually don’t support to open IPv6 firewall) | IPv4/IPv6 |
|
6. | dual stack: IPv4 private address (CGNAT) + IPv6 directly connected | widely used by mobile internet service providers (Deutsche Telekom, Vodafone Germany) no IPv4 server, no IPv6 server (usually blocked by the ISPs firewall) | (IPv6) |
|
7. | dual stack lite (DS-lite): IPv4 private address, with NAT at ISP-level (carrier grade NAT) + IPv6 directly connected | widely used by different cable and fiber companies, user needs relays (third party server) or PCP (isn’t available usually, by design useless) for IPv4, usually no IPv4 server possible, IPv6 server possible – if the user’s router is configurable (e.g. fritzbox) | IPv6 |
|
8. | IPv6 directly connected, without IPv4, but with DNS64 + NAT64 | widely used by mobile internet service providers (US, India, partly also in Germany) can be combined with 464xlat, no IPv6 server possible – the providers firewall blocks usually incoming traffic | (IPv6) |
|
9. | IPv6 directly connected, without IPv4, without helpers | only used in intranets or by nerds (at the moment) | IPv6 |
|
-
comment to 5. it may be necessary to disable AAAA-records - if the users router firewall doesn’t allow incoming IPv6 traffic
-
comment to 6./7. it sound similar, but 6. is more true parallel transport of both protocols, while 7. is representing IPv4-tunneling, also the effects for the user are different in practice, e.g. firefalling IPv6
-
comment to 7. it is necessary to be able to switch off A-records in DDNS – no IPv4 address works for remote access, remote clients may confused by wrong A-record (time outs, connection failures)
-
comment to 7. may get some IPv4 support by so called “port mappers”, but that’s third party shit, similar to the problem of 3. (cloud relays)