It too me a while to work out why my Nextcloud stuff wasn’t working on my phone. It wasn’t until I went to http://duckdns.org on mobile data I saw the block. I had changed ISP from one with IPv6, which I had setup, to an ISP without it, and thought it might be that. But it was just coincidence.
I’ve written to O2 but I doubt they will change anything, so I’ll be changing network.
So heads up UK O2 self hosting people!
T-mobile was doing this in the US but only blocking certain ports when talking to my home server, might try putting it on a non-standard port as well and see if you can access the service then.
Oh I know some ports are ok. My SSH and WireGuard get through. Port 80 is redirected to a block page place holder and 443 is interfered with so SSL fails.
Okay, so just run it on a different port.
Tried it. Makes no odds.
Interestingly it’s fine if I use the static IP directly.
They are doing some packet inspection by the looks of it. Some rule like:
On IP address found from duckdns, mess with SSL and rewrite HTTP to go to this block page.
That is weird then. I’d change dynamic DNS providers.
I don’t know which other ones they have done this to. Also it’s a faff to move domain now. If I’d move domain, I’d just buy one as the IP is static.
Wouldn’t you be on CGNAT though? How are they blocking it - at the DNS level? Have you tried a CNAME record that points your own domain to the actual duckdns domain? Just curious how/why they might be doing this.
I’ve been doing some investigating. It’s not just DNS. Termux doesn’t use the system DNS, it uses Google. But there is still a interference with SSL on 443 and a different page on port 80.
Edit: oh and the IP address is current with ping.