101·
6 days agoI don’t see how? Normal HTTP/TLS validation would still apply so you’d need port forwarding. You can’t host anything on the CGNAT IP so you can’t pass validation and they won’t issue you a cert.
- 0 Posts
- 91 Comments
Joined 2 years ago
Cake day: June 11th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
CGNAT is for IPv4, the IPv6 network is separate. But if you have IPv6 connectivity on both ends setting up WG is the same as with IPv4.
Only giving a /64 breaks stuff, but some ISPs do it anyway. With only a /64 you can’t subnet your network at all.
I really doubt it. We could give everyone on Earth their own /48 with less than 1% of the IPv6 address space.
Giving a /48 is spec, but a lot of ISPs are too stingy :/
Going to other planets would require a total re-architecting of our communications infrastructure anyway. There’s such distance too it’s not really viable to have a shared internet. Even Mars would have up to 22 minute latency at peak. So I don’t think it makes sense to plan our current internet around potential future space colonization.
Even so, IPv6 is truly massive. We could give a /64 to every square centimeter of the Earth’s surface and still have IPs to spare. Frankly, I think the protocol itself will be obsolete before we run out.
All of your temporary privacy addresses will be coming out of the same subnet, so it’s clear they all belong to the same people.
Ultimately the privacy extensions are just bringing IPv6’s privacy back in line with IPv4, because without the privacy extensions every single device has a separate IPv6 address based on its MAC address whereas in IPv4 most consumer networks have every device sharing a single IP.
7·2 months agoFediverse software tends to be kind of hostile to convenience features people have grown accustomed to. Recommendation algorithms, for example. Lemmy is on the cutting edge for having a “Hot” sort.
I know Mastodon has historically been pretty hostile to even more basic things like being able to search posts.
I get why they think like that, and I honestly agree with some of it, but it inevitably creates a culture shock for outsiders coming from corpo media. I think that plus the network effect means the fediverse will always be kind of niche.
Do you have a link to people talking about running a relay on a raspberry pi? I find it hard to believe that’s possible. A PDS, sure, but a relay requires multiple terabytes of storage alone and plenty of bandwidth/CPU/RAM that I just don’t see a raspberry pi being able to support.
I’d be curious to hear about any progress on setting up new relays though.
Even from a viewer perspective, this sounds depressing to watch. I don’t really get what people get out of this.
Be that as it may, the Plex official guide for setting up “remote streaming” walks you through port forwarding. That implies that when they say remote streaming, they mean port forwarding by default. I then had to go digging to find mention of the Relay service which seems to be a fallback. (Apparently it isn’t even supported by all clients)
Surely if they meant they’d start charging for Relays they’d mention that explicitly, and not use the term “remote streaming”?
It’s the confusing mess of subscriptions and seemingly locking basic functionality behind a paywall that’s skeevy, not paying for software itself. I have happily paid for software before and would again. Plex has never appealed to me though, and they’re certainly doing nothing to make themselves more appealing.
Do you have a source for this claim that the new pricing scheme only applies to the Plex Relays? As far as I can tell it applies to anything they consider “remote access”, regardless of whether it goes through their servers or not.
It seems deeply opposed to the spirit of selfhosting to have to pay for the privilege of accessing one’s own server. If the software itself cost money, that would be one thing, but this whole monetization scheme is skeevy.
It seems like multiple things are being conflated here and I’m not sure what the reality is because I’ve never used Plex.
Some people claim this has something to do with Plex needing to pay for NAT traversal infrastructure. Okay, that seems sort of silly but at least there’s the excuse that their servers are involved in the streaming somehow.
But their wording is very broad, just calling it “remote streaming.” That led me to this article on the Plex support website, which walks people through setting up port forwarding in order to enable “remote streaming”! So that excuse doesn’t really seem to hold water. What exactly is being paid for here then? How do they define what “local streaming” is?
LLMs are very good at giving what seems like the right answer for the context. Whatever “rationality” jailbreak you did on it is going to bias its answers just as much as any other prompt. If you put in a prompt that talks about the importance of rationality and not being personal, it’s only natural that it would then respond that a personal tone is harmful to the user—you basically told it to believe that.
mom-and-pop style datacenters
I find this wording very funny for some reason. I do wonder what a more-decentralized internet would look like though, rather than 90% of it being in the hands of a few megacorps.
Tailscale is just a bunch of extra fancy stuff on top of Wireguard. If you don’t need the fancy stuff, using raw Wireguard can be more lightweight, but might require more networking knowledge.
The biggest thing Tailscale brings you the table is NAT traversal. On top of that it uses direct Wireguard tunnels as necessary instead of creating a mesh like you usually would if you were using raw Wireguard. It also offers convenient bits of sugar like internal DNS, and it handles key exchanges for you so it’s just generally easier to configure. When you do raw Wireguard you’re doing all the config yourself, which could be a pro or a con depending on your needs—and you’ll be editing config files, unlike Tailscale which has a GUI for most things. It also supports some more detailed security options like ACLs and I think SSO, while Wireguard is reliant on your existing firewall for that.
Here’s what Tailscale has to say about it: https://tailscale.com/compare/wireguard
I’ve messed around with Tailscale myself, but ultimately settled on running Wireguard. The reason I do that though is because I trust my LAN, and I only run Wireguard at the edge. Tailscale really wants to be run on every node, which in turn is something that raw Wireguard theoretically can do but would be onerous to maintain. If I didn’t trust my LAN, I’d probably switch to Tailscale.
A lot of people have suggested Tailscale and it’s basically the perfect solution to all your requirements.
You keep saying you need ProtonVPN which means you can’t use Tailscale, but Tailscale actually supports setting up an exit node which is what you need. Put Protonvpn on the Raspberry Pi, then set it up as an exit node for your tailnet. There’s a lot of people talking about how they did this online. It looks like they even have native support for bypassing the manual setup if you use Mullvad.
As long as every client has the ability to use Tailscale (I.e. no weird TVs or anything) this seems like it checks all your boxes. And since everything is E2EE from Tailscale, TLS is redundant and you can just use HTTP.
“Just got to this” doesn’t really seem like a lie to me. If they said “just read this”, that would be a lie, but “just got to this” implies they didn’t have time to reply/think about it, without commenting on whether they read it. Honestly to me “just got to this” implies it’s been on their to-do list but they didn’t get around to it until now. If they hadn’t read it at all saying “just got this” or “just read this” would make more sense.