(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.

The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.

Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.

The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.

I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.

Or did I miss something that makes this make sense outside of a big money capitalist angle?

(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.

The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.

Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.

The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.

I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.

Or did I miss something that makes this make sense outside of a big money capitalist angle?

I think there are still enough v4-only systems out there that you don't really want to host a mail server on v6. You are right though that it would be nice to be able to get static v6 (or for that matter v4) addresses from home isp's. Some do offer that of course.

Another issue can be that the average home internet user has no idea keep even a client system secure. So ISP's might use NAT and default firewall configurations partly to stop incoming connections on the theory that they are likely to be malicious. On home routers you can usually open ports if you know what you're doing. I don't know if that's even possible on mobile phones.

IP blocklisting is still very much a thing as well so you can expect any mail originating from a residential IP to be rejected due to their /24 or larger having previously sent spam, and that assumes you can send server-to-server mail (destination port 25/tcp) in the first place since many ISPs and server providers block traffic destined to that port by default to prevent users from getting their IP blocklists. My home ISP blocks outbound SNMP traffic (or at least did 10 years ago) presumably to also prevent abuse. That said, things like blocking inbound port 80/tcp and 443/tcp is purely a measure to prevent people running servers at home which I’m not a fan of.

If you’re looking for sympathy, you got it. Fuck the state.

If you’re looking for solutions, use a cheap $5/mo VPS that exists purely as your gateway host. Run everything you want on your home machines, then tunnel the traffic to your gateway and reverse-proxy it there. Your data stays in your hands, you can spin up and expose new services publicly in a matter of minutes, AND your home IP isn’t vulnerable to doxxing or DoS.

(Sorry if this is too off-topic:) ISPs seem designed to funnel people to capitalist cloud services, or at least I feel like that. And it endlessly frustrates me.

The reason is even though IPv6 addresses are widely available (unlike IPv4), most ISPs won't allow consumers to request a static rather than a dynamic IPv6 prefix along with a couple of IPv6 reverse DNS entries.

Instead, this functionality is gatekept behind expensive premium or even business contracts, in many cases even requiring legal paperwork proving you have a registered business, so that the common user is completely unable to self-host e.g. a fully functional IPv6-only mail server with reverse DNS, even if they wanted to.

The common workaround is to suck up to the cloud, and rent a VPS, or some other foreign controlled machine that can be easily intercepted and messed with, and where the service can be surveilled better by big money.

I'm posting this since I hope more people will realize that this is going on, and both complain to their ISPs, but most notably to regulatory bodies and to generally spread the word. If we want true digital autonomy to be more common, I feel like this needs to be fixed for consumer landline contracts.

Or did I miss something that makes this make sense outside of a big money capitalist angle?

If you have control over at least the root of your network you can totally get away with hosting in a dynamic pub ip. You just need to set up dynamicdns. There are other ways of handling this specific issue too. You can always go to a colocation and set up a server there if you want. You could also create your own reverse proxy tunnel in a place that is public then forward it. There are lots of work arounds really. Yeah, it sucks that American ISPs generally don’t support ipv6 but there are totally ways to work around it all.

What really gets me up in arms is when they advertise gigabit connections or 500mb speeds only to limit upload to 20mb/s. That is where they are actively inhibiting self hosting communities.

Even in an ideal DNS setup, you're probably going to have downtimes whenever your dynamic IP changes. If only because some ISPs even force-disconnect you after a while to change your address.

I mean I’ll be real. Sure in some circumstances that could be an annoyance for 15 seconds for some software that might rely on a session whenever your ip changes like once a month if that. A rotating ip is probably one of the easiest things to work around amongst the plethora of challenges that ISPs present for those who want to self host.

I mean just take a look at what is involved if you are in a situation where cg-nat is implemented. You legitimately have no control over the root of your network at that point. I have that issue in particular with what is essentially a mobile hotspot as my failover for when my fiber fails. That being said I had to architect it in a way that took that took cg-nat into consideration. If I hadn’t then when fiber fails it would take down my services as a whole anyway.

My point is that those challenges have workarounds, you can solve those issues relatively easily and they even present a level of security. Where it is actively malicious is with restrictions to capacity such as upload limits in which they to a degree lie about their speeds and capacity. The terms of service stuff is just flat out awful too.

Some ISPs require changes ever 24 hours and will disconnect you if needed. Also, if you set DNS to cache such a short amount of time that you can react to that in 5 minutes, you will incur way more DNS traffic which can become a problem when your site is busier. Also, even if your DNS TTL is set to a super short value, a web search suggests to me in practice there will likely be downstream clients and networks that ignore it and won't really update in such a short time frame.

What ISP are you referring to? I have genuinely never heard of an isp that takes 24 hours to rotate your IP. Also utilizing dynamicdns is not going to incur more dns traffic? Dynamic DNS updates your dns provider from a system on your local network that your pub ip has changed then your provider will start sending traffic to the new ip. Propagation used to take a while but I haven’t experienced propagation wait times of over 10 minutes in years. This all being said dynamic DNS isn’t exactly the most elegant solution. It is just one of the simplest that I mentioned. There are significantly better options overall that completely take the requirement of a static pubip completely out of the equation and can be built using all free open source tools relatively easily.

@dgdft @ellie @selfhosted this is the way

While I agree on a practical level, and pragmatism sure is important, long term that workaround still keeps you paying for cloud services and gives cloud companies an easy way to directly man-in-the-middle your traffic. So I'm hoping one day the situation will improve.

@ellie @selfhosted what is the actual alternative? also, not all vps are offfered by megacorps.

The alternative is to get your ISP to offer you a static IPv6 and a reverse DNS PTR entry for your IPv6, like I asked for in the initial post. Some ISPs do if you offer them more money, some only do if you offer them more money and a legit business registration, apparently a few rare ones do it for free, and some never do it.

Once you got the static IP, you can point DNS directly to yourself, and there's no VPS or anything in between. Browser traffic and so on directly comes to your machine.

Yes, that too. I hadn't even thought about trying to send email from a home ISP. Everyone knows you basically can't. I thought the idea was to receive email rather than send it, so you wouldn't be relying on some bigtech company to store it for you.

@ellie @selfhosted I've never seen that from an ISP. ‍️