I think you misunderstand. CGNAT is IPv4. IPv6 is sometimes (often?) provided alongside, because of the limitations of a CGNAT IPv6 connection.
I think you misunderstand. CGNAT is IPv4. IPv6 is sometimes (often?) provided alongside, because of the limitations of a CGNAT IPv6 connection.
Your cgnat isn't taking an ipv6 addressed phone and interfacing with the ipv4 internet?
Or are you trying to say the ipv4 is what is natted? Because the ipv4 is where all the stuff the ipv6 phone wants.
At this point, about 25% of traffic on dual-stack ISPs is v4. So no, v4 isn't where all the stuff the phone wants is.
CGNAT is generally only done for v4. v6 isn't needed to provide CGNATed v4, and if v6 is provided as well then it generally isn't NATed. I expect you could find an ISP somewhere that NATs the v6 too as a counter-example if you looked hard enough, but as a rule they don't.
(Sometimes CGNATed v4 is provided by making use of the v6 in some way -- e.g. mapping v4 destinations into v6 with NAT64, or by tunnels -- but the CGNATing still only applies to v4 destinations, so this just an implementation detail rather than an undermining of the above point.)
> Cgnat you are restricted to tail scale stuff.
But only on v4, not on v6. That's kind of the point of bothering to make v6 in the first place -- it allows you to keep the ability to poke holes in your inbound firewall even in a world where v4 is exhausted to the point of CGNAT.
The exhaustion and the CGNAT and the resulting restrictions would still be there if you didn't have v6. It's just providing you with a way out of them.
> Because the ipv4 is where all the stuff the ipv6 phone wants.
There's still some ipv4 only services, but most of the big ones are dual stack. Looks like right now tiktok is v4only, which is probably significant, but Google, Facebook, Netflix are dual stack. Amazon/EC2 have lots of v4 only bits and pieces, but at least www and cdn are dual stack. Github is also v4 only and that's important, but how many people are pulling from their phone?
I ran Starlink for a while. CGNAT. No fun running servers. 5G internet? CGNAT. ISPs that support IPV6, they will probably still run NATs.
So here's a question: if your ipv6 is behind CGNAT and calls an ipv6 on the other side of the CGNAT: is it still one-way, or un-NAT'ed?
And you agree the non-oligarch internet is ipv4, along with a large part of the oligarch internet.
> So here's a question: if your ipv6 is behind CGNAT and calls an ipv6 on the other side of the CGNAT: is it still one-way, or un-NAT'ed?
Depends, it's easy to do things like 464xlat and NAT64 where you route those address spaces through the CGNAT and other stuff direct. Or through a stateful firewall (which could be the CGNAT or something else) if you really need a stateful firewall.
IPv6 clients would not go through a CGNAT (or any other NAT) to connect to a remote IPv6 address. Including on Starlink.
Exceptions are so unusual you should provide a specific example of an ISP with this configuration.