Self-Hosting & ISP Challenges: CG-NAT, Upload Speed, and Workarounds - Share Your Experiences!

[Vishnu2jd]

I've recently started my self-hosting journey, mostly for services like Immich, Jellyfin etc. I have some problems with my ISP and would love to hear about your experiences.
My current setup:

• Internet: 75 Mbps up/down (residential connection)
• Problem: I'm behind CG-NAT, making direct port forwarding impossible. There's also no IPv6 available from my ISP.
• Location: I'm in a tier 2/3 town/village, and I'm unsure if my local ISP offers static IPs or IPv6 at all. Has anyone had luck requesting these?
• Current Workaround:
  • Reverse Proxy: Using a cheap VPS from OVH Cloud Singapore (₹80/month) as a reverse proxy. It provides 100 Mbps and 500GB of data. The latency(50ms) is little higher compared to Indian VPS(20-25ms)
  • Domain: Purchased from Hostinger.in
  • Tailscale: Using Tailscale for Immich to avoid exposing it directly to the internet. Jellyfin is less of a concern for now.
    

• Share your experiences:
  
  
• What have your experiences been like with Indian ISPs and self-hosting?
• If you're also behind CG-NAT, what workarounds have you done? How reliable have they been?
• How has your upload speed impacted your self-hosting experience? My upload speed is not consistent daytime.

 

[KAKAN]

Location: I'm in a tier 2/3 town/village, and I'm unsure if my local ISP offers static IPs or IPv6 at all. Has anyone had luck requesting these?

Getting static IP with Alliance and local providers was pretty easy. I asked them, they said it'll cost, ₹2000/yr, and I said yes, and they added it after I paid them. Port forwarding worked after that for most ports, some ISPs blocked port 25 (SMTP).
Getting static IP with Airtel was a headache, the sales person had no idea what it was, it was impossible to get in contact with actual engineers even after emailing several people and so on. I was able to get it only because some of the local ISP guys worked for Airtel as well, and they had contacts to let me speak to an engineer.

What have your experiences been like with Indian ISPs and self-hosting?

Pretty good so far, honestly.

If you're also behind CG-NAT, what workarounds have you done? How reliable have they been?

I use Cloudflare's reverse proxy thingy (google Cloudflare Tunnel), pretty easy, costs zero and works like a charm.
Though, I switched to ZeroTier after that for higher control and because it's only my family and no relatives or friends using the private self-hosted things.
Others which are not on ZeroTier are in public, so no need for Tunnel there either.

How has your upload speed impacted your self-hosting experience? My upload speed is not consistent daytime.

No comment, I have almost 900Mbps to Gbps speed in both upload/download. It's mostly within that range throughout the day. The lowest I have ever seen was around 800Mbps, just checking randomly, nothing automated or scientific.

ISPs like Alliance and the ones that are directly peering with TATA usually don't have the 3.3TB commercial data limit, otherwise most ISPs have that. Something to keep in mind, I guess. I hit that limit pretty often, so Alliance is used for streaming services like Immich.

Also, IBF/Indian Broadband Forum might be a great place to ask and research for some of the questions related to the networking part itself (bypassing CG-NAT, dealing with bufferbloat or router issues and so on). I mostly lurk there, though. But threads there have saved me a lot of headache and time. I really appreciate the effort the people put there.

 

[Vishnu2jd]

Getting static IP with Airtel was a headache

AFAIK, airtel offers IPv6 right. So why did you go with static IP when it can be solved with dyndns. Static IP is neccessary if there is no IPv6(which is my case) as it solves the CG-NAT issue.

 

[KAKAN]

AFAIK, airtel offers IPv6 right. So why did you go with static IP when it can be solved with dyndns. Static IP is neccessary if there is no IPv6(which is my case) as it solves the CG-NAT issue.

Some game servers that I self-host don't have IPv6 support. Plus, having a static IP is nice because I can just whitelist my IP for AWS, E2E etc to prevent spam/hijacking SSH requests to my VPSes haha
Sure, it'd be a chore to update them, but it's nice to not have very big logs and alerts by Chinese IPs trying to DoS or brute-force their way into your VPS.

 

[badwhitevision]

I use Cloudflare's reverse proxy thingy (google Cloudflare Tunnel), pretty easy, costs zero and works like a charm.

ISPs like Alliance and the ones that are directly peering with TATA usually don't have the 3.3TB commercial data limit, otherwise most ISPs have that. Something to keep in mind, I guess. I hit that limit pretty often, so Alliance is used for streaming services like Immich.

2 questions for you:
1st, Does cloudflare tunnel allow media streaming without restrictions? (Especially jellyfin streaming data from the high seas)
I remember reading about how that's not allowed and that the tunnel can be closed and users blocked from access.

2nd, could you elaborate on the TATA peering and FUP? AFAIK, all ISPs in my city (Tier 1) have restrictions.

Thank you.

 

[KAKAN]

2 questions for you:
1st, Does cloudflare tunnel allow media streaming without restrictions? (Especially jellyfin streaming data from the high seas)
I remember reading about how that's not allowed and that the tunnel can be closed and users blocked from access.

2nd, could you elaborate on the TATA peering and FUP? AFAIK, all ISPs in my city (Tier 1) have restrictions.

Thank you.

1. Probably not, but I wasn't banned for it anyhow. Unless there's like 10 or 20 people streaming, I don't think Cloudflare would mind much. Our movie rates were 2 or 3 anime episodes every weekend with 2 people, and one movie once in a few weeks with 2 or 3 people.
2. Not sure what I need to expand on FUP. Probably just ask the ISP guys if there's a FUP or not. TATA Peering as well, you'll have to ask them. You can use https://www.peeringdb.com/ as well, but it's better to just ask the ISP tech people.

 

[badwhitevision]

For the FUP, my ISP (ACT Fibernet) has FUP of 3.3 TB. How do I know if they use Tata for peering? I used the database you pointed and it shows ACt has a peering network with Bharti Airtel which in turn has a peering network with Tata communications, but honestly I'm just confused about what peering is exactly.

Also, what speciality does peering with Tata have that allows them to provide data without FUP?

If you could point me to sources or more information about this, I'd be grateful.

As for cloudflare, good to know that casual usage is not given much trouble.

 

[KAKAN]

The 3.3TB commercial limit is purely an artificial limit, it mostly costs nothing extra to big ISP companies to remove it or set it to a much higher value which would still make sense. But they can earn extra if they make people buy business connections or leased lines instead.

There's nothing that peering with TATA allows or disallows, it's just that in my experience, the local ISPs that peer directly with TATA generally have higher FUPs or no FUPs at all.

It's not set in stone either, it's just my experience and what I've heard from small ISP providers.

Hopefully that clears up any misconception about TATA not having FUP or anything haha
My bad. Sorry.

 

[bluefog68]

I have a pretty similar setup, with a DigitalOcean VPS with a reverse proxy for direct connections for certain apps (like jellyfin) which need higher bandwidth and other apps accessed via Tailscale.
So far has worked without any issues.

Using a cheap VPS from OVH Cloud Singapore (₹80/month)

That's pretty cheap for a VPS, could you link which one you are using exactly?