2degrees: Changes to IP Addresses (CGNAT)

Forums › 2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus) › 2degrees: Changes to IP Addresses (CGNAT)

1 | ... | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | ... | 32

12999 posts

Uber Geek

ID Verified

Trusted

Lizard Networks

#2306486 26-Aug-2019 21:41

NickMack:

Agree.. IOT stuff typically isnt designed with security in mind and therefore making it directly available on the net is a mindfield searching for disaster ;-)

Nick

There we go! this is a security feature! ;)

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

NickMack

962 posts

Ultimate Geek

Trusted

Lifetime subscriber

#2306489 26-Aug-2019 21:47

hio77:
NickMack:

Agree.. IOT stuff typically isnt designed with security in mind and therefore making it directly available on the net is a mindfield searching for disaster ;-)

Nick

There we go! this is a security feature! ;)

Bright "Spark" ;-)

https://nick.mackechnie.co.nz | NZ ISP latency monitoring - https://smokeping.thenet.gen.nz

rugrat

3106 posts

Uber Geek

Lifetime subscriber

#2306491 26-Aug-2019 21:50

I have set up no port forwarding to devices, have no idea how they work.

Created account, user name password, load an applic on phone.

It works at moment, and can access devices when away from home on mobile. Whether CG-NAT will break or not don't know, but when away from home the applic can still access at moment.

I'm also paid for 1 year geo unblocking service, will it break that?

Anyway I'm the customer at end of day and do not see why need to argue point, as can only see downsides to this and no upsides and there is an easy way to avoid this uncertainty.

Contract finish's in 11 days, even though got to give months notice may be safer to wait till it finish's in case of a date muck up, and get break fees.

Looked at costs 2degrees with static ip, phone and free Amazon for at least 6 months $110, Spark 100/20, Netflix HD free, Lightbox Free, phone $109, so Spark $1 cheaper and provides more value Entertainment add ons.

Netflix HD plan $16.99 and I'd be prepared to pay $4 for Light Box, so almost $21 extra value Spark, Amazon value $10 and no guarantee what happens when the time runs out.

Prepared to give people $200 credit when join, but not a free Static IP to keep????

I seem to last with Spark four years plus, but each time move away something happens just within/ over the year that has me moving back. I don't take switching lightly.

Coming up to three years with Skinny, the last non Spark ISP I was with tried to increase prices on me by 25%, (something stupid like $80 up to $100) and then tried to argue I had to pay it because was under contract, I sent a copy of an Email just over a year old proving not the case, and then they sent one back saying my internet was terminated immediately. Suited me fine.

freitasm

BDFL - Memuneh
79250 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2306494 26-Aug-2019 21:58

If you did not forward poets then either it is UPnP or using a central relay system. The later is better.

If you unblock service uses your IP to identify your connection then yes it will not work well

decibel

315 posts

Ultimate Geek

#2306496 26-Aug-2019 22:13

freitasm: If you did not forward poets then either it is UPnP or using a central relay system. The later is better...

Better ?? but many of these are dodgy servers in China.

toejam316

1466 posts

Uber Geek

Trusted

Lifetime subscriber

#2306499 26-Aug-2019 22:16

decibel:
freitasm: If you did not forward poets then either it is UPnP or using a central relay system. The later is better...

Better ?? but many of these are dodgy servers in China.

Better one suspect Chinese outfit than anyone who wants in.

Anything I say is the ramblings of an ill informed, opinionated so-and-so, and not representative of any of my past, present or future employers, and is also probably best disregarded.

rugrat

3106 posts

Uber Geek

Lifetime subscriber

#2306508 26-Aug-2019 22:27

freitasm: If you did not forward poets then either it is UPnP or using a central relay system. The later is better.

If you unblock service uses your IP to identify your connection then yes it will not work well

Yes, it'll be UPnP or central relay, they work from the cloud if that gives any idea, I don't believe the fritz would allow port forwarding without me doing it directly by logging into it.

And yes with unblock service I have to update IP address if it changes, so looks like one service definitely impacted.

So looks like one service definitely impacted with uncertainty on others.

So options on table at present to not be impacted/ have uncertainty, pay $10 a month more for static, or change ISP's.

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

michaelmurfy

meow
13240 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#2306514 26-Aug-2019 23:12

rugrat:

So options on table at present to not be impacted/ have uncertainty, pay $10 a month more for static, or change ISP's.

I said it once. I am going to say it again.

1) You're jumping to conclusions once again. Again, there is a little while before 2degrees switches customers to this. I feel that they've heard what people have to say on here, and will action it and likely come up with plans for customers that don't require a static IP but require a public IP. Other providers do it (Trustpower, BigPipe back in the day and NOW Broadband).
2) NONE of the things you mentioned require a public IP address. Even the cheap IoT lightbulbs all link back to a central cloud service in China (more than likely Tuya). Sensibo and WiFi Heatpump controllers don't require any port forwarding either as they talk to a central server.

If you didn't read this thread then for you it'll be life as usual. Everything of yours will likely continue to work (including the Smart DNS unblocker in many cases from experience). You likely wouldn't even have noticed a change.

IMO you'll actually be better off with CG-NAT as like you say, you don't understand port forwarding. These sorts of people are prone to exposing themselves to security problems and run into issues down the track. If you've got any IoT devices that explain that you need to do a port forward (and refuse to work without this) then get them off your network ASAP.

Rule of thumb - if you don't run any hosted services (eg, web servers, game servers) and just use the internet "as per normal" then you'll likely not notice anything with switching to CG-NAT. I've been on it before, it isn't actually that bad.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

rugrat

3106 posts

Uber Geek

Lifetime subscriber

#2306533 27-Aug-2019 00:18

Ok, I'll wait for now.

Still have six months Prime Video left, as got it half way through contract so get some more use out of it, and I do like Prime Video. Lot of old stuff which like watching.

I'm not over confident on the unblocker, but if it doesn't work out and no agreeable solutions can solve within month ( trying to minimize overlap of services including notice period).

The only port forwarding have done is in relation to torrents, and haven't done them in a long time. Prefer streaming and odd recent block buster movie Apple TV, 4k Aquaman 99 cents this week :)

chevrolux

4962 posts

Uber Geek
Inactive user

#2306552 27-Aug-2019 07:16

So just to be clear, customers can still pay for a public IP?

With a pay monthly mobile 2degrees is still the cheapest for a fibre 'MAX' plan at $100/month.

alasta

6703 posts

Uber Geek

Trusted

Subscriber

#2306574 27-Aug-2019 08:38

michaelmurfy:

2) NONE of the things you mentioned require a public IP address. Even the cheap IoT lightbulbs all link back to a central cloud service in China (more than likely Tuya). Sensibo and WiFi Heatpump controllers don't require any port forwarding either as they talk to a central server.

So does this mean that my Philips Hue system would still be remotely accessible under CGNAT?

Sorry if that's a dumb question, but I don't understand all the technical stuff in this thread.

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2306577 27-Aug-2019 08:51

Hi, if you have a port forward to the Hue gateway in your home/lan, then no it will not, but as others above have mentioned about IoT things, these are potentially vunerable devices waiting for great pickings for bad folk to exploit, why would you expose a device like that which i am guess is probably easily capable of acting as a jump injection point to the rest of your lan.

Cyril

freitasm

BDFL - Memuneh
79250 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2306581 27-Aug-2019 08:56

No, you don't need port forward to use Philips Hue from outside your home. CG-NAT will not affect them.

Delorean

651 posts

Ultimate Geek

ID Verified

Trusted

Lifetime subscriber

#2306587 27-Aug-2019 09:05

So reading this tread, the main issue would be if you have set up a service like dyndns would be affected?

Referral Link: | Quic Broadband (use R142206E0L2CR for free setup)

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2306591 27-Aug-2019 09:09

Delorean:

So reading this tread, the main issue would be if you have set up a service like dyndns would be affected?

Depends why you have dyndns setup, if its to know your public IP to allow you to track it to connect via port forwards to lan resources, or if you are using it to register for a dns proxy service (like dns4me) then yes it will impact you and you would be better not on CG-NAT.

Cyril

1 | ... | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | ... | 32