Do you remember when we used to have "party lines" because the GPO telephone network couldn't keep pace with demand?
Well it appears that we've now reached the same stage with the internet. All available IP addresses have been used up leading to much head scratching in the world of the Internet Service Providers (ISPs). It appears that the ultimate answer is to move to Internet Protocol Version 6 IPv6 from the existing IPv4.
In the meantime some ISPs are adopting Carrier Grade Network Address Translation (CGNAT) technology to share out the limited number of IPv4 addresses.
"Am I bothered?" I hear you cry and I suspect for the majority this will not be a problem. But I'll share my experience just so that if it is a problem for you you'll know you're not alone.
I've written before about my bespoke security camera installation and port forwarding through my router, and here's a link to my previous blog(s) if you want to share my journey.
Security camera history
 |
It's a bit of a shaggy dog story............
©Harveywetdog |
To fix or not to fix, that is the question?
To bring the story up to date, in order to be able to view the cameras remotely, I moved to a fixed IP address from Gigaclear. This avoided the need for an external host from DYNDNS so I allowed my membership to lapse when the renewal came due. Unfortunately this was not the end of the story because we then found that we were having problems with our BT email account - basically over time the BT security software decided it didn't like our fixed IP address and locked us out of our account. Although BT could put us on a "white list" and reset their system it didn't stay reset for long and in the end we decided the fixed IP address would have to go.
Now I know you're going to suspect that we were doing something dodgy to keep ending up on the "black list", but I don't think we were and to be honest the BT operatives were so aware of the problem that question one was "do you VPN turned on?" and question two was "do you have a fixed IP address?"
Back to DYNDNS
It took a few attempts with Giga to get the fixed IP address turned off but before long I had signed back up to DYNDNS and everything was back as it was. The only disadvantage with the arrangement was that DYN had no way of automatically tracking any changes in my IP address. To get round this I downloaded a DYN App called DYN Updater. Now, beside the fact that the App has its own issues and is capable of regularly generating 100s of error messages for some unknown reason, the App has to sit on a PC so if you have a power cut the PC switches off (of course) and so you don't update DYN until it is turned back on. Obviously if the updater sat in the router (as it did with BT) then this isn't an issue; when the power comes back on the router comes back on and the update takes place. I did wonder if the app could sit in my WD server but as you will see events somewhat overtook this concern.
And then the cameras stopped working
Part way through November 2023 Mrs R informed me that the cameras had stopped working on her 'phone. I did the usual turning things on and off but as they were still working locally on the PC I decided the problem must be with DYN and thought I'd contact them after Thanksgiving. DYN are now linked to Oracle and, while Support has lost a little of the personal touch, they do still respond to emails when they say they will and are helpful in their responses. So DYN came back and told me their server was working fine which had me really scratching my head and my initial thought was that my router must have rebooted itself and reset all my port forwarding rules.
Looking inside the router told me nothing had changed with the port forwarding rules or the fixed IP addresses I'd applied for the cameras, but when I looked at the "public IP address" quoted within the router something didn't quite add up. I was seeing a 100.X.X.X number whereas if I did a "what is my IP request" on my PC I got back a 195.X.X.X number. Looking on DYN account told me that they were working on the 195.X.X.X number, but as I was port forwarding from 100.X.X.X then no wonder the message wasn't getting through.
I did the usual and switched the router on and off a few times to see if that would shake things out but the router remained steadfastly uncooperative.
What is Carrier Grade NAT?
For those of you who don't know dealing with Gigaclear Customer Support is remarkably soul destroying. While they are generally not the sharpest knives in the customer support drawer if you persevere then usually you can find someone who can shed light on your problem. And so I persevered; they do not respond to e-mail but at least it gives you a case number and you have to beware of their trick of responding to your e-mail with bot-mail saying "try this" and we wont take any action until we hear back from you. So you always have to reply to the bot and say "I've still got a problem".
If Chat is operational you can generally get through and I was able to quote my case number and my problem with the two IP addresses. I was speedily informed that my IP address was using Carrier Grade Nat and that if I wanted to port forward I needed to have a fixed IP address! Knowing the problems we'd had with BT mail made me realise that probably wasn't a good idea so I said no, I simply don't want to use Carrier Grade NAT - of course not having a clue what it was but feeling pretty certain I hadn't agreed to any changes to my level of service in the past month. We closed the chat on the suggestion that I contact the Loyalty Team.
As a loyal Gigaclear customer, they sounded just the team to help me out.
Carrier Grade NAT - the sticking plaster solution
Now I had a title for what I was experiencing I was able to explore the Internet more fully to find out what was going on.
Here's an excellent description written by a public minded, responsible ISP in Australia.
Example from Aussie Broadband
So basically we're running out of IPv4 addresses and CGNAT provides ISPs with a way of sharing them out until a IPv6 solution becomes available. But as the example from Australia explains, some existing services may not be available hence it is perfectly reasonable for customers to ask to "opt out". Opting out doesn't mean having to accept a fixed IP address. If only I was dealing with a public minded, responsible ISP in the UK.
I've carried out a search of the Gigaclear website and I can't find the equivalent information for customers.
 |
Public minded and responsible
Extract from Aussie Broadband |
Armed with this information I approached the Gigaclear Loyalty Team. Although I had been given the Loyalty Team number the call just goes through to support in general and after 10 minutes talking to the agent and not getting very far his only answer was "you need to speak to the loyalty team"! Biting my tongue and simply saying "I thought that was you" I waited to be put through to the Team. This time the agent didn't have a clue what I was asking - there clearly wasn't a procedure for allowing customers to opt out of CGNAT. The only answer he had was that he'd get one of the Technical Team to 'phone me. Suffice to say I'm still waiting.
I wish to register a complaint
I emailed a complaint to Gigaclear at the end of November and I am still waiting for a response (response resolved see below). The nature of my complaint was that the service had been downgraded to CGNAT and that I had not been consulted on the downgrade taking place (and if I had I would not have agreed to it). At the same to I wrote to my MP not only to question what was going on but also to suggest that on-line security had been put at risk by the change.
When I spoke to Chat to ask for progress with my complaint I was more or less told I had two options; either CGNAT or a fixed IP address. I decided that rather than run the risk of BT constantly shutting down our e-mail account I'd let the complaint run its course and live with the limited functionality I had available via the Foscam and WD apps.
A slight aside
I should just point out that throughout the difficulties with CGNAT I always had remote access to the more modern Foscam cameras through the Foscam App on my phone. They obviously have a different way of identifying and connecting with the cameras which doesn't rely on the IP address. The disadvantage is of course you are reliant on the Foscam system and it doesn't work for the legacy cameras. With point forwarding you are only reliant on the DYNDNS service and I can cover all cameras.
I also have a Western Digital NAS drive which I am able to access remotely from my Sony PXW-Z280 video camera to post files in the field. Posting video files from the camera relied on port forwarding. Without port forwarding I would need to load the files onto a Laptop and then use the WD App on the Laptop to communicate with the NAS at home. (I didn't test this but I assume the App would still communicate over CGNAT). So all things are possible, some are just more convenient than others).
 |
NAS Drive
©Harveywetdog |
And then suddenly
This morning I received an e-mail from my MP's office to tell me that he had forwarded my letter to Gigaclear. Half an hour later I received a 'phone call from Gigaclear telling me that they would switch me back to a dynamic IP address which they did immediately and the cameras are now working remotely again.
I wait to see if anything is said about internet security and the use of CGNAT but for now things are working again.
.jpg)
Comments
Post a Comment