Hey, I am looking into self-hosting to try out something new, learn a bit, and perhaps do some useful self-hosting in the future. However, with my previous knowledge of networking and the stuff I read about self-hosting, I am left confused.
As I currently understand it: If I want to connect to my self-hosted service while being connected to my local network, then everything should be as simple as typing in the local IP of my service. If feeling fancy, I could touch up /etc/hosts so I don’t have to always type in the IP or run and configure a DNS server.
By the nature of NATs, if I wanted to connect to my self-hosted service from outside of my local network (directly or with a reverse proxy), I would have to do some port forwarding in my router and call it a day. But that would only work if my router is the only NAT between my local network and the internet, wouldn’t it? After some prolonged staring at the output of traceroute and the likes of whatismyip.com, I got to assume that my router isn’t the only NAT on the way to the internet (I haven’t confirmed with my ISP atm, this is just my assumption). If that is true, then there would have to be port forwarding set up on all router(s) that only my ISP can access, which may be difficult to coordinate with my ISP and may break at any time they decide to update, restart, or do anything else with their routers. Am I right?
If I understand IPv6 correctly, it may help me bypass the port forwarding on multiple routers that I cannot access. My ISP supports IPv6, but my router does not. But if my router supported IPv6, I should be able to get a public IP for it and then just set up port forwarding to access my service. Or perhaps even get a public IP for my device that would run my services and connect to it directly or with a reverse proxy.
Is there any error or misunderstanding in my train of thought? What would be the correct/best way to tackle my situation? Or am I just overcomplicating it? Any advice is appreciated.
I think your understanding is mostly correct. But I never heard that you can get an ISP to port-forward through their CGNAT. Either you get a public IPv4 address or not.
IPv6 would work, but then only clients with IPv6 can connect. And I just read that there are still people with IPv4-only routers in 2023.
Have a look at Tailscale and ZeroTier; I think they are often used to poke through CGNAT.
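
Added example, not part of the original thread: a Python sketch of the check the question describes, comparing the router's WAN address with the address an external service reports and scanning traceroute hops for RFC 1918 or RFC 6598 (100.64.0.0/10) addresses. The function names, sample addresses and traceroute text are constructed for illustration.

```python
import ipaddress
import re

# Ranges that are not routable on the public internet.
CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 shared address space
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(addr):
    """Return 'cgnat', 'private' or 'public' for an IPv4 address string."""
    ip = ipaddress.ip_address(addr)
    if ip in CGNAT:
        return "cgnat"
    if any(ip in net for net in RFC1918):
        return "private"
    return "public"

def parse_hops(traceroute_text):
    """First IPv4 address of each numbered hop line; None for '* * *' hops."""
    hops = []
    for line in traceroute_text.splitlines():
        hop = re.match(r"\s*\d+\s+(.*)", line)
        if hop:
            ip = re.search(r"\b\d{1,3}(?:\.\d{1,3}){3}\b", hop.group(1))
            hops.append(ip.group(0) if ip else None)
    return hops

def assess(router_wan_ip, external_ip, traceroute_text=""):
    """Decide whether another NAT sits between the router and the internet."""
    wan_kind = classify(router_wan_ip)
    # Hop 1 is the home router's LAN side, so only later hops are upstream.
    # Supporting evidence only: ISPs may number internal links privately.
    upstream = [h for h in parse_hops(traceroute_text)[1:]
                if h and classify(h) != "public"]
    # Port forwarding on the home router alone works only if its WAN address
    # is public and is the address the outside world sees.
    upstream_nat = wan_kind != "public" or router_wan_ip != external_ip
    return {"upstream_nat": upstream_nat, "wan_kind": wan_kind,
            "nonpublic_upstream_hops": upstream}

# Constructed sample (documentation and shared-space addresses, not real data).
SAMPLE = """traceroute to 198.51.100.1 (198.51.100.1), 30 hops max
 1  router.lan (192.168.1.1)  0.512 ms  0.498 ms  0.471 ms
 2  100.64.0.1 (100.64.0.1)  8.120 ms  8.034 ms  7.990 ms
 3  * * *
 4  203.0.113.1 (203.0.113.1)  12.410 ms  12.377 ms  12.301 ms"""

if __name__ == "__main__":
    print(assess("100.64.12.34", "203.0.113.7", SAMPLE))
```

The router's WAN address comes from its status page; the external address is whatever a site such as whatismyip.com shows.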