It too me a while to work out why my Nextcloud stuff wasn’t working on my phone. It wasn’t until I went to http://duckdns.org on mobile data I saw the block. I had changed ISP from one with IPv6, which I had setup, to an ISP without it, and thought it might be that. But it was just coincidence.

I’ve written to O2 but I doubt they will change anything, so I’ll be changing network.

So heads up UK O2 self hosting people!

  • socphoenix@midwest.social
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    T-mobile was doing this in the US but only blocking certain ports when talking to my home server, might try putting it on a non-standard port as well and see if you can access the service then.

    • jabjoeOP
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      Oh I know some ports are ok. My SSH and WireGuard get through. Port 80 is redirected to a block page place holder and 443 is interfered with so SSL fails.

        • jabjoeOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Tried it. Makes no odds.

          Interestingly it’s fine if I use the static IP directly.

          They are doing some packet inspection by the looks of it. Some rule like:

          On IP address found from duckdns, mess with SSL and rewrite HTTP to go to this block page.

            • jabjoeOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              I don’t know which other ones they have done this to. Also it’s a faff to move domain now. If I’d move domain, I’d just buy one as the IP is static.

      • Droolio
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Wouldn’t you be on CGNAT though? How are they blocking it - at the DNS level? Have you tried a CNAME record that points your own domain to the actual duckdns domain? Just curious how/why they might be doing this.

        • jabjoeOP
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          1 year ago

          I’ve been doing some investigating. It’s not just DNS. Termux doesn’t use the system DNS, it uses Google. But there is still a interference with SSL on 443 and a different page on port 80.

          Edit: oh and the IP address is current with ping.