Exposing services on the Internet is a requirement for FreedomBox and a very tricky problem.
Topologies:
Topology |
Frequency |
Static |
Reachable v4 |
Reachable v6 |
ADSL w NAT+UPNP |
common |
n |
y |
y? |
ADSL w NAT |
common |
n |
n |
y? |
4G |
common |
n |
n |
n |
Pure IPv6 |
rare |
y |
n |
y |
Methods:
Method |
Reliability |
Bandwidth & latency |
Paid |
Protocols |
|||
none |
low |
good |
no |
no |
no |
UDP |
|
Tor Onion Service |
hard |
good |
poor |
no |
no |
no |
TCP |
Pagekite |
none |
good |
good |
partial |
yes |
yes |
TCP |
IPv6 |
hard |
good |
medium |
no |
yes |
no |
all |
VPN |
none |
high |
good |
partial |
yes |
yes |
all |
UPNP |
none |
poor |
high |
no |
yes |
no |
all |
Port forwarding on router |
none |
high |
high |
no |
yes |
no |
all |
Port forwarding using VPS |
none |
high |
high |
no |
yes |
yes |
all |
Miredo/Teredo tunnel |
|
good |
medium |
no |
yes |
no |
IPv6 |
Client configuration: if client requires daemons (e.g. Tor), libraries, a non-trivial configuration, or other invasive changes like switching to a different ISP.
Metadata protection: Whereas an eavesdropper can tell the source and destination IP address of the connection, timing, amount of data. "partial": when only the source or the destination IP address is leaked.