Home internet service IPv6 traffic is all filtered even when using a Netgear LTE router. No port forwarding. Plz fix!

After going through all these issues and trying to figure out why T-Mobile work this way (frequent IP changes, no bridge mode - read carrier UE lock, random latency discrepancies between native ipv6 and ipv4), and I have to say this thread explains a lot. 

Also, there is no such thing as "IPv6 ONLY network" for companies providing DIA. Sure, parts of them can be IPv6 only but you still need to route IPv4 from NAT64 gateways for resources only available on IPv4, it won't go away anytime soon. There are also customers business customers you need to take care of… So, you still maintain two separate networks, the difference is that the IPv4 scope becomes more narrow and easier to maintain.  

Time will say if T-Mobile is a winner going with 464XLAT but it for sure affects their service offerings today, functionality and compatibility wise. 

We talked about shortages of IPs etc. but it looks like Verizon Wireless handled it just fine, with 5G Home Internet getting routable IPv4 addresses, CPEs with bridge mode for both, mmWave and C-Band. Cell phones using true dual stack (CGNAT/IPv6), which seems appropriate.

Im searching for a way to setup IPv6 on my router so it runs smoothly with t-mobile's gateway. 

If you're looking for a simple way to connect remotely to your home devices, I got that working yesterday. I was using Google's Remote Desktop pre T-mobile home internet but could not get it wor

king correctly after the switch. Then tried the "Set up via SSH" option on the Crome Remote Desktop login page. Had to take the commands provided to my PC and input. Now it actually works better than before!

install tailscale on any 2 devices in your home network. preferably one device being static (desktop, raspberry pi) while the other is mobile (laptop, phone)

you will be able to reach the entire network that way, albeit with reduced performance since tailscale punches a hole via udp and using intermediary servers to get out of the tmobile jail

Reblog wrote:

intel wrote:

My background is in IT / networking and I started using Tmo Home Internet for the past 2 weeks. The router being shipped today to customers is missing very important features for power users - it actually broke my ability to remotely access my home via direct-connection using public IPv6 and IPv4 that I used on comcast. 

Contacting support for help is pretty much useless, although I have raised a few tickets regarding the major issues affecting me since switching ISPs, namely:

• Unable to ping my IPv6 WAN address given by T-mobile (to remotely monitor my internet connection)
• Unable to remotely access my home via my VPN server which listens to connections on the WAN IPv6 address (again, T-mobile is filtering ALL my incoming traffic - comcast, att fiber, other major players in the market don’t do this filtering to endpoints except for spam port 25)
• Connecting to a VPN server hosted on the internet is unreliable and unstable.
• T-mobile does not offer IPv6 Prefix Delegation (comcast has it, att fiber does también)

I've spent the majority of my time trying to figure out ways to make this work. Most folks out there are blaming the Nokia router firmware which is really locked down by T-mobile, so being the IT engineer I pretend to be I purchased a Netgear LAX20 which is T-mobile and AT&T certified - I swapped SIMs for my Home internet service and tested both.

 

Even with a router that I fully control, with firewall disabled and allowing WAN icmp/ping responses T-mobile seems to continue to filter traffic (even pings!) incoming towards my service equipment… to make a fair comparison I got an AT&T SIM card and repeated the tests. On AT&T I can ping and access my device remotely when it is on the AT&T LTE network on the same Netgear LAX20. 

 

Decided to post here to vent and share some findings, as this is somewhat frustrating that other LTE carriers that do not offer 'home internet' service do allow you to control and manage your network as you see fit while the new "home internet" service does not give you any control at all. Those users who wish to be able to remotely manage their smart home should perhaps stay away for now until T-mobile decides to do the right thing which is for "home internet" service subscribers to have different security network rules than cellphones on the network.

T-mobile please fix your business model for this new service, starting with adding the ability to request zero network filtering for home internet subscribers and the ability to get IPv6 prefix delegated.

Would be really great if you post this over in the Reddit r/tmobileisp forum.  Lots of people there working on the same issue, appears to be their use of CG-NAT.  Agree?

I’m a bit late to the party here, but have you tried using a VPN that doesn’t require port forwarding? 
 

I've been using Twingate for remote access to my plex media server and it's working well with my T Mobile home internet. I'd give it a shot because it took me ~25 minutes to setup and it's free.

SGS wrote:

Great report. Does this issue prevent the ability to remotely access Wyze cameras, ring alarm system, Ooma phone and video doorbells.  Gracias

I see this post is 2 years old, so I’m not sure what/if anything has changed between then and now because I just recently swapped to T-Mobile’s 5G Home Internet in the last couple months

...I ended up finding this thread while doing some google searches, in effort to troubleshoot ipv6 configuration with t-mobile… Anyways I digress lol.

For me personally - I don’t have any trouble accessing my wyze cams remotely, however I have noticed that sometimes  they’ll be offline briefly when I go to check them - which is something I don’t think I’ve noticed with spectrum.  

djb14336 wrote:

IDK about that angle of them not having/not able to use IPV4.

A Basic dig on their ASN's shows they have a crap ton of IPV4 registered.  Over 12 million on just ONE of their USA ID's (AS21928).  Granted, some (like AS393494, that appears to be tied to TVision) only have 60-70k... but who is to say how much is actively in use, and how much could be repurposed?

But they DO in fact have and use IPv4.  The question is why is it not implemented for home internet instead of the screwy XLAT464 crap.

 

Someone feel free to correct me if I’m wrong, but I’d assume those are reserved for their Business customers?

2 years later and they still haven't fixed it. Dump T-Mobile. It's useless trash.