Port Forwarding Not Working

Hi,
Can I state from the outset that I live in a block of flats where we have access to only one ISP, Hyperoptic. Because of this I am stuck with this garbage ISP and cannot move to a better one.
I am configuring port forwarding on hyperoptic ZXHN H298N router. I am running openSUSE leap 15.1 on my machine with apache web server. Port 80 is open on my machine and the firewall has been configured to allow data into port 80. The machine has been tested and the apache server is listening on port 80.
For the router I have (i) used Application -> Port Forwarding ( Application List ) to make port mapping (WAN start and end port - 8080, MAP start and end port - 80). I linked application with relevant LAN device's IPV4 address. The LAN device had also been placed in demilitarized zone and router's Firewall was set to low. Yet when I used online port checker tools the router's port was found to be blocked.
I also used (ii) Application -> NatLoop and Port Forwarding to perform port mapping. That still did not work.
One thing I noticed is that on the router's WAN side IPv4 Gateway is shown as 100.64.217.193 while the public address on internet is shown as IPv4 188.214.13.240. This means traffic is going via ISP router. There is nothing more that can be done on my side. If anything needs to be done it has to be done on ISP side, e.g. enable DMZ for my router on ISP router or open ports via ISP router.
This is the rubbish I received from Hyperoptic when I contacted them:

I am sending to you the port forwarding manual for your model of the router attached. Sadly, as port forwarding is used for the set up of third party devices which we cannot troubleshoot and assist with, as out technical support agents are simply not trained for third party equipment, the manual is what I can offer as help.
For port forwarding you will be needing a static IP address which costs £5 per month as an add-on to your plan. Please let me know if you wish this to be added and I will gladly assist.

The numbskull doesn't even realize that you don't need a static address for port forwarding. Can anyone suggest where to go from here? All suggestions will be greatly appreciated.

It might be worth asking in their specific forum on here ...

https://forums.thinkbroadband.com/hyperoptic.html

Read up on Carrier Grade NAT on IPv4.

Try and see if you can use IPv6.

Not HO�s fault, the internet is out of IPv4.

In reply to a post by raydona:

The numbskull doesn't even realize that you don't need a static address for port forwarding. Can anyone suggest where to go from here? All suggestions will be greatly appreciated.

100.64.217.193 is a Bogon IP address, so looks like using CG-NAT.

CG-Nat is a pain to behind. You do not have control of port forwarding at point of CG-Nat. You are one in few probably thousands of customers using the same IP, in this case all using 188.214.13.240.

Wikipedia CG-Nat

To get away from issus of CG-Nat you will have to pay HO for you own IP. Or pay VPN provider for same thing ie Cyberghost dedicated ip vpn. I say you be better of paying HO

The numbskull is correct.

What others have pointed out is that Hyperoptic for IPv4 uses CGNAT which is fine for most consumers.

To switch off CGNAT you need to pay for the static IP address option.

In reply to a post by MrSaffron:

To switch off CGNAT you need to pay for the static IP address option.

Of course the proper direction is to use IPv6.

Edited by jchamier (Tue 03-Mar-20 09:58:05)

In reply to a post by jchamier:

Read up on Carrier Grade NAT on IPv4.

Try and see if you can use IPv6.

Not HO�s fault, the internet is out of IPv4.

It is not obvious on the Hyperoptic website that you don't get a public IP address. How many other ISPs use CG NAT? (Mobile phone companies apart.)

They could of course reduce their charge for a plublic IP address

Hey there,

Thank you for your query. We would like to assist as much as possible even though we are not able to complete the port forwarding process on your behalf.

First of all, because we're globally running out of IPv4 addresses, we started using Carrier Grade Nat (CGN) which allows for more efficient use of our IPv4 address range. This means that your public IP address is shared among several other users making your IP address private instead of public. There are, however, some applications that may be affected by this such as online gaming, VPNs, P2P applications and hosting at homes which require a public IP address to work. We provide a static and public IP address. These are £5 per month because of these IP's are rare and we have to cover the cost of renting the IP for you and the cost of maintenance. We are rolling our IPv6 for this reason, and you most likely already have one on your account. You can try port forwarding with IPv6 as well, however, the majority of the UK does not use IPv6 so it might not be successful for what you need the port forwarding for.

As for the port forwarding process, you would not be able to open port 80 on the router as it's reserved by us for Hypertext Transfer Protocol (HTTP). The same goes for port 443.

The guide itself should provide all the steps on how to open the ports but the process will not work without a public IP address.

We hope this helps. We're always here if you have any further questions.

An IPv6 only public website is not going to be that visible though.

Its a problem that almost everyone is going to hit. The older UK ISPs have been lucky for a long time, this luck will eventually run out.

In reply to a post by Michael_Chare:

It is not obvious on the Hyperoptic website that you don't get a public IP address. How many other ISPs use CG NAT? (Mobile phone companies apart.) They could of course reduce their charge for a plublic IP address

In the UK few, but this is just luck. Hyperoptic is a young ISP in comparison. IPv4 has run out, and the longer the big ISPs such as Virgin, Plusnet, and others don't provide IPv6 to their customers, the longer this confusion will continue.

It still requires a fundamental change to be able to move to IPv6. It is not a priority for most companies to do so as it just costs money to implement and there is no business benefit for the average company to do so. Until companies hands are forced it just won't happen on the scale needed to make a difference.

When you say

we have to cover the cost of renting the IP

, what cost is that and who charges the rent? I thought IP blocks were bought for a one-off payment, and that's why there is a market for trading them.
Many other ISPs don't charge monthly fees for static IP addresses.

The big ISPs either tend to charge for static or don't offer it at all on consumer products. It tends to be the more niche ISPs that give static IPs as standard.

EDIT : Sky, BT and TalkTalk do not offer static IP on consumer packages - that covers the vast majority of users in the UK. Virgin also don't offer static either.

Edited by ian72 (Tue 03-Mar-20 15:15:34)

In Asia there are websites and ISPs that only run v6. This hasn't affected people in Europe as generally we don't speak or read the language. Countries experencing large amounts of growth have hit this, before europe or the US. Maybe because their original allocation of v4 was quite small.

Yes, in the UK it is not needed today, but that time will come eventually. It is crazy we are not ready for it.

Some do offer static IPs - e.g. Plusnet who make a one-off charge of £5 for residential users (free for business users) although they don't offer IPv6 at all.
I don't see the need to make a monthly charge (other than profiteering) if a static IP address is provided - the cost to the ISP is not recurring.

When my revolution comes, CGNAT will be illegal unless you offer a public static IPv6 and offering public static IPv6 will be mandatory

These interim systems are notoriously problematic, Akamai state they've seen CGNAT overwhelmed where IPv6 carries on working. They are also carrying more and more v6 traffic than ever before. The revolution is coming, and many UK ISPs are providing dual stack, so why not the others?
https://blogs.akamai.com/2020/02/at-21-tbps-reaching...

There aren't that many that provide static IP on consumer products that don't charge monthly - PlusNet are one of the few in that respect.

When something like 80% of users are on the big 4 and none of them offer it then it shows that it isn't a priority for most people.

I think the charge is to discourage people from using a very small pool of addresses - it is more a punitive charge than relating to direct costs. If it was a one off at £5 then a lot of new ISPs might see their small allocation disappear very quickly.

I assume its an admin headache, because the idea of sharing IP address went with the death of dial up.

I'd agree it isn't a priority for most people. Neither is latency, or IPv6, or other features that are important to me.
However I'm still struggling to know what "the cost of renting the IP" is, or what recurring costs require a significant monthly charge.
I guess it doesn't really matter as I'll never be a Hyperoptic customer.

In reply to a post by sheephouse:

When you say

we have to cover the cost of renting the IP

, what cost is that and who charges the rent? I thought IP blocks were bought for a one-off payment, and that's why there is a market for trading them.

As they are RIPE members, they pay a fee every year for the resources they have (search for uk.bcube). It used to be a variable fee based on the resources but when RIPE had no more v4 to give freely, it changed to a fixed fee soon after of �1400/year. They have around 59392 allocated addresses.

It is possible to get more v4 addresses from the RIPE transfer service from another members wanting to sell their surplus resources. Rates are agreed between members but the average cost seems to be between £6-12 per IP, as a one-off cost; the bigger the block you buy, the cheaper each IP is. Currently there is one /14, 2 /18s, 4 /19s and 400+ blocks from /20-/24 offered.

Like you say, most don't charge for a single static but at the cost of £5 a month, many would argue that is excessive when the underlying IP cost based on the fees RIPE bill for the allocated addresses is around 2.1p/2.3�. Maybe the admin of addresses costs £4.98 a month...

Matt

Edit: added yearly clarification

Edited by uno (Tue 03-Mar-20 18:25:37)

Thanks Matt, that's interesting information.

Agreed with what Matt says here.
Historically IP4 addresses were plentiful and cheap, but supply & demand killed that a long time ago. There are still huge organisations, mainly USA based, which have big allocations, and many of them being wasteful.
There is a market for these, and prices keep rising. Demand is high, and the supply of new public IP4 addresses is low, really just comparatively small blocks coming out of the woodwork here & there.
There has been a big scandal with Afrinic where staff there have been accused of siphoning off and selling large numbers of the IP4 addresses that were originally allocated to Africa.
£5 a month is quite steep, but it's not everyone who will need or want this.
Don't forget that's what BT will charge for this, to businesses.

In reply to a post by ian72:

When something like 80% of users are on the big 4 and none of them offer it then it shows that it isn't a priority for most people.

Yes, but if you have a public IP then you can use dynamic dns which makes it possible to establish a remote connection.

Hey there,

Thank you for your query. We pay to obtain the IP addresses which we provide to our customers. Also, we pay for the maintenance of these addresses. Other providers which provide static IP addresses tend to include them in the package price which usually means the price per month is more expensive. As an average user does not need to surpass CGNat on a daily basis, we have decided to reduce the price by removing the static IP from our default package. This is now an additional feature which you can purchase for your account if you require it for work, gaming, etc. We're also rolling out IPv6 as an alternative.

We hope this helps.

And frankly all ISP's should offer dynamic DNS on their IPv4 connections for not additional charge.

I know at one time PlusNet used to, but I have a feeling they don't anymore. Hard to tell as everyone in the family have all paid the £5 for a static IP. If they still do it's of the form <username>.plus.com