
Quasi related; how does one find out if your ISP is using CGNAT?

I'm rather lucky in that my ISP recently started offering IPv6 (and somehow my workstation appears to be using it as the default), but none of the other PCs on my network do. (Win11 change perhaps?)



You can, with several caveats, detect which hop(s) on the path perform NAT by using some trickery [1]:

> NAT devices are detected by observing a difference in the expected and actual checksum of the UDP packet that is returned as the part of the Original Datagram in the ICMP Time Exceeded message. If they differ then it indicates that a NAT device has modified the packet. This happens because the NAT device must recalculate the UDP checksum after modifying the packet (i.e. translating the source port) and so the checksum in the UDP packet that is nested in the ICMP error may not, depending on the device, match the original checksum.

[1] https://github.com/fujiapple852/trippy/releases/tag/0.11.0
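
The checksum comparison described in the quoted release notes, as an added example that is not part of the comment above and not taken from trippy's code. The function names are hypothetical, and the addresses, ports and both sample ICMP replies are constructed.

```python
import struct
from ipaddress import IPv4Address

def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the Internet checksum (RFC 1071)."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def udp_checksum(src, dst, sport, dport, payload: bytes) -> int:
    """Checksum the sender puts in the probe: pseudo-header + UDP header + payload."""
    length = 8 + len(payload)
    pseudo = IPv4Address(src).packed + IPv4Address(dst).packed + struct.pack("!BBH", 0, 17, length)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    return (~ones_sum(pseudo + header + payload) & 0xFFFF) or 0xFFFF  # 0 is sent as 0xFFFF

def quoted_udp_checksum(icmp: bytes) -> int:
    """Pull the UDP checksum out of the Original Datagram of an ICMP Time Exceeded."""
    if len(icmp) < 36 or icmp[0] != 11:
        raise ValueError("not an ICMP Time Exceeded with a quoted datagram")
    quoted = icmp[8:]                     # skip the 8-byte ICMP header
    ihl = (quoted[0] & 0x0F) * 4          # quoted IPv4 header length in bytes
    if quoted[9] != 17 or len(quoted) < ihl + 8:
        raise ValueError("quoted datagram does not hold a full UDP header")
    return struct.unpack("!H", quoted[ihl + 6:ihl + 8])[0]

def nat_on_path(sent_checksum: int, icmp: bytes) -> bool:
    return quoted_udp_checksum(icmp) != sent_checksum  # mismatch: a hop rewrote the packet

def sample_time_exceeded(src, dst, sport, dport, checksum, payload_len) -> bytes:
    """Constructed sample reply: ICMP header + quoted IPv4 header + quoted UDP header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + payload_len, 0, 0, 1, 17, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    udp = struct.pack("!HHHH", sport, dport, 8 + payload_len, checksum)
    return struct.pack("!BBHI", 11, 0, 0, 0) + ip + udp

# Constructed values: a LAN host probing a documentation-range destination.
SRC, DST, SPORT, DPORT, PAYLOAD = "192.168.1.10", "203.0.113.9", 33434, 33435, b"probe"
SENT = udp_checksum(SRC, DST, SPORT, DPORT, PAYLOAD)
# Hop before the NAT: quotes the datagram exactly as it was sent.
CLEAN = sample_time_exceeded(SRC, DST, SPORT, DPORT, SENT, len(PAYLOAD))
# Hop behind a NAT that rewrote the source to 100.64.12.34:40001 and left its checksum in the quote.
NAT_SUM = udp_checksum("100.64.12.34", DST, 40001, DPORT, PAYLOAD)
NATTED = sample_time_exceeded(SRC, DST, SPORT, DPORT, NAT_SUM, len(PAYLOAD))

if __name__ == "__main__":
    print("hop 1 NAT:", nat_on_path(SENT, CLEAN), "| hop 2 NAT:", nat_on_path(SENT, NATTED))
```

A match does not rule out NAT: a device that restores the original checksum when it translates the ICMP error back produces no mismatch, which is the "depending on the device" caveat in the quote.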


Check the IP that your router receives on its WAN interface and compare it to the IP printed by internet services like Google (search for "what is my ip" and there'll be a special card among the results) or https://ipinfo.io/ip . If they're not the same (because your router's IP is a private IP like 192.168.#.# or 10.#.#.#) then your router is being NAT'd.


The most reliable way is to compare your ISP-assigned address to the response from any one of a number of services that return the caller's IP address (e.g., https://checkip.amazonaws.com/).


Aside from comparing assigned public IP addresses regularly, I think we (ipinfo) probably have this data internally, or at least we can figure it out. We are pinging and running traceroutes on every IP out there to figure out IP geolocation, so I think we should be able to tag ASNs/ISPs that use CGNAT. So, on CGNAT connections the RTT on the same IP address will be different from time to time and traceroute paths and times will be different as well.

But I'm not sure who will and how they will find this information useful. If anyone can think of a reason why CGNAT detection can be useful generally, I can pitch this to the engineers.


Check the IPv4 address on your WAN. If it's in the 100.64.0.0/10 range [0], you're on CG-NAT.

Furthermore, run

    curl ipv4.icanhazip.com

If the address you get back is different from the one on your WAN interface - assuming your Gateway is your ISP rather than, say, a VPN - you must be on CG-NAT.

[0] https://en.wikipedia.org/wiki/Carrier-grade_NAT#Shared_addre...


I don't know of any ISP that will give you a public ipv4 address for free.

More interesting is Windows 11 auto-configuring IPv6. Does your PC have a public IPv6 address starting with 2:: or an fe80:: link-local address?

Quick IPv6 crash course. Instead of DHCPv4 (there is DHCPv6 but it's optional) being required for address configuration, IPv6 uses something called Stateless Address Autoconfiguration (SLAAC). Normally your router sends out Router Advertisement packets, and this tells devices about the default gateway, public prefix, DNS etc... and the PC will generate a public IP of (64 bit public prefix):(64 bit random number).

It seems like Windows 10 and earlier will not do IPv6 unless your router advertises it.

TL;DR learning ipv6 is easier than disabling it at this point


>I don't know of any ISP that will give you a public ipv4 address for free.

There probably isn't an ISP that gives out *static* public IPv4 addresses for free, but any ISP that supports IPv4 without CGNAT will give out public IPv4 addresses by definition. The two I've used in the US (Frontier, now Ziply) certainly do.


Aquiss [0] in the UK gives static public IPv4 and static /56 IPv6 PD included in the regular plan price.

[0] https://aquiss.net/


I suppose "for free" is a relative term, since no ISP I have will give me IP service for free either. However none of the residential ISPs available to me in my section of the US will offer a discount to not give me a public IPv4 address, so I think that counts as getting one "for free"?



