meanwhile I'm on a dynamic ip that hasn't changed in 18 months
this post was submitted on 17 Apr 2025
85 points (98.9% liked)
Selfhosted
46464 readers
948 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Most ISPs (especially smaller ones it seems) just run a basic DHCP server with leases expiring at a set interval. As long as your stuff is on and working when the lease renews, you'll pull the same IP forever.
As long as you don't want to run a mail server. DHCP ranges are cancer to ip reputation.
I'm pretty sure you don't want a mail server at home
I have 3 mail servers at home
My ISP blocks the ports needed for mail hosting :/
Pretty sure I'd have to go through them to get the rdns PTR records pointed at my domain too. PITA
Mine did too, all it took was a ticket to their helpdesk to get it unblocked
My local fiber provider doesn't advertise static IPs but they haven't changed my IP ever. I've been using them for going on 5 years
Same, buts been several years now. Att fiber. Don't use their modem either (except post power outage to establish coms back then I remove it.) I do use a ddyns service just in case. But it's been the same ip for years
I pray your ISP is more competent than mine!
Sometimes I'll lose the static IP I pay them for and they say it's not their fault. Why am I paying you for it, then!?
It’s static between changes
It's a temporary permanent address.
Static with random TTL.
That only happens from incompetence or bad IPAM software. It’s easy to assign a static in most management systems. As long as you set up the static in your router correctly, it should just stay.
If I set a static on my side, it'll work until they fuck up again.
The excuse I got last time was that, due to a power outage where I live, they lost the configs in the splitter box near me. That didn't fill me with confidence and you're probably very correct that whatever they're doing is very dumb and or incompetent.
That's a good thinker. I imagine their backup of the configs got fucked by whatever caused the issue. IIRC most competent ISPs will have the configs saved in multiple locations,the question is usually if they were updated ever. 😂
load more comments
(3 replies)
I think they just remove CGNAT with some assurance on IP being static over reboot, till it doesn't.
I'd personally recommend that you instead get a VPS and then route traffic over Wireguard.
You already appear to have a plan but it is something to keep in mind.
Hosting on your own hardware is much more fun though! In most cases it's safer too, you don't really need to worry about much as long as you dont portforward your ssh port & don't run programs as root.
I would say it's cheaper as well, but that depends on how expensive the static ip lease is per month.
Wouldn't that increase latency. Additionally speed could be limited by isp's single connection speed to VPS.
Still kinda sad that ip6 still hasn't taken off, that would give literally every toaster in the world its own static ip
I'm convinced it hasn't taken off because they're too complicated for the human brain to easily reference. Four triplets is simple enough.
All the shortening rules trip me up. I'd much rather work with addresses with standardized number of hextets and ideally the same number of digits than not have to type a few zeros.
all of these are the same address: 2041:0000:0001:0000:0000:0000:875B:131B 2041:0000:0001::875B:131B 2041:0:0001::875B:131B 2041:0000:1:0000:0000:0000:875B:131B 2041::0001:0000:0000:0000:875B:131B 2041::1:0000:0000:0000:875B:131B 2041::0001:0:0:0:875B:131B 2041:0:1::875B:131B 2041:0:1:0:0:0:875B:131B 2041:0000:1:0000:0000:0000:875B:131B 2041:0000:01:000:00:0:875B:131B 2041:00:1::0:875B:131B
Ugh. Yes.
The fact that they have shortening rules already shows it's too complicated.
They would've been better off with a shorter length, and ditching hex for a base 32 string.
Imo they should have kept the ipv4 format but instead of maxing out at 255.255.255.255 make it 65535.65535.65535.65535 this aproach makes the address pool more than 4000000000 times larger and is backward compatible with ipv4 so it could be a drop in replacement for most things. And if we ever do end up running out of over quintilion (18446744073709551616) ips we can just keep going up, to 4294967295.4294967295.4294967295.4294967295.
load more comments
(1 replies)
True that. They're also less recognizable as an ip address. They don't stand out
It really isn't all that complicated. Honestly in some ways it is easier since you don't need to worry about subnetting. Also SLAAC is pretty cool.
The key to IPv6 is to not apply your IPv4 brain to it. It works very differently and in some ways it is better.
load more comments
(1 replies)
That's what DNS is for.
Well, yes, for users. But I'm in tech. And it's the tech people that need to implement it. And when I'm trying to hunt down why something about DNS or a firewall rule isn't working, I really don't want to be juggling gigantic alphanumeric strings.
load more comments
(1 replies)
I really don't like the idea of every device automatically having a publicly reachable IP.
There's certainly situations where that would be nice; but I'm quite fond of most equipment and services being behind a router and it's firewall, requiring explicit configuration to be exposed to the open net.
Nobody outside my home network ever needs access to my toaster... (btw, why tf is my toaster wifi enabled...?)
A Firewall and NAT are to different things. All devices would still be behind a Firewall so they would effectively be invisible from the outside except for when they make an out going connection.
If you really want NAT for IPv6 you could use NAT66. It isn't technically the IPv6 way of doing things but it works. The main benefit with NAT is that you don't need to worry about prefixes.
Nat is not a firewall....
Seriously. Unless you open up your Lan to the internet it functions the same way as ipv4 in respect to receiving unsolicited queries from the internet. All those are dropped.
You would have to specifically open a port in your firewall before anyone could access a device over IPv6 on your network from the internet. Just like you would have to forward a port on IPv4.
load more comments
(1 replies)
IPv6 is really widespread.
It is also the classic case of death by a thousand cuts.
I want to be able to buy an IPv6 block and then be able to use it anywhere easily.
I use syncthing for some of my "can-never-lose-these" files. syncthing synchronizes files between different devices. This is not an online-file-hosting thing like Google Drive or OneDrive. These files are physically present on all synchronized devices.
My server is the "main" (you can make everyone equal) syncthing every other syncthing connects to. With an established connection, files will be synchronized on participating devices. AFAIK, syncthing is compatible with Windows, Android and Linux.
This way, my important files are on my server, my smartphone, my PC and my laptop and every single one of these devices must simultaniously explode for me to lose my data. Also, it's on docker hub
pi-hole is another great one. Local adblocker for the whole network, just set it as your DNS server or let the DHCP server propagate this DNS server to your clients. This too is on docker hub
Just make sure you make a backup from your syncthing clones, so an accidental delete/mess-up on one machine doesn't wipe out every copy!
Enable file versioning in Syncthing. Then you will have a backup copy of every change for however long you set it to keep them.
Yeah, I do daily VM-backups which include all of the data on syncthing. No matter what you have, you always gotta have a good backup-strategy.
To be honest, I used to have an ISP with dynamic addresses and it wasn't a huge deal. The address only changed every month or two. I used afraid.org's dynamic DNS service to get a dynamic address that followed the changes and created CNAME records for my real domain pointing at that. The actual connection was fucking awful but the dynamic IPs never caused any problems.
As for services: Nextcloud is well worth looking into for file sync and photo backup, especially if you've already got a file server running.
I don’t think my IP has ever actually changed, and I never asked for a static one. But that doesn’t really matter, because these days it’s a small matter to dynamically update the IP.
GoToSocial works without problems on Podman, they probably just meant that they can't give technical support for it.
👍 for hosting a xmpp server. Next step is to get a real domain name!
That's cool OP. I have a business internet package with a static IP. I do a lot of large file transfers between clients and it does come in handy. I've yet to serve any public facing services tho. I've tried on numerous occasions to get invidious running consistently. It just seemed like I was having to tinker with it weekly just to keep the wheel spinning. I'm not sure what the issues were except maybe YT blocking IPs.
Have fun OP, and be safe and secure with your new found powers.
Shout-out noip.com
Handy but only for three domains. They massively jacked their prices a couple of years ago. Moved most of my devices to Wireguard on a VPS instead.
I have tons of great suggestions depending on your hardware and what kinds of things you’d like to be hosting.
However, for starters, if you’re not doing so already, make sure you are binding your qBittorrent container to a privacy VPN network interface. Test it to ensure it’s working. There are sites out there that you can use to check how your torrent IP presents. No matter what you’re torrenting, keep your IP hidden. The last thing you want is your ISP to terminate your fancy new service.