Ntrip nightmare

The ISP router can only be their device; network access is locked to the hardware and SIM, not just the SIM. So I have to have the Asus for house wifi.

The ethernet to the shop uses the yard's electrical wiring; the adapter in the shop has wifi built in, but it can be run in transparent mode.

I liked IPv4: 5-6000 users are hidden behind one IP, you can download torrents with no fear :joy:

For gaming you just buy your own and no problem.
In my country (Serbia) we still use IPv4.
My internet is relatively good. I live in a village and I have two links to home.
One is a wifi direct link with a Ubiquiti airGrid at a 100/100 transfer rate, and the other is HFC at 350/35mb/s.

I share my public address with many other of my ISP’s customers. In fact they have a pool of public addresses they use. My ISP router has no public IP address. Now that IPv4 is pretty much exhausted, this is probably the norm now. Carrier-grade NAT they call it (in other words double NAT).

I have a VPS with Linode that can proxy connections for me back through a VPN to my computers in my shop and house. Although Tailscale makes even that unnecessary.

One other way to sidestep this carrier-grade NAT business is if you can get IPv6 addresses from your ISP. IPv6 does away with NAT for the most part. My ISP is Telus and they’ll never support IPv6 I’m afraid. They barely support anything really. Probably the most inept and customer-hostile telecom company I have ever done business with.

:rofl: So true, unless the ISP gets snoopy. But the ISP techs are too busy downloading torrents too.

I work at an ISP, I know :grin::grin:, I get emails from big movie companies about torrents.
Basically they do not look for downloaders but seeders.

If we do not do anything, the public IP where they detected the seeder is added to a blacklist and there is a problem with gamers :joy:

Then we change the public IP and problem solved.

So when you finish downloading, shut down seeding.

My friend found an NTRIP server on Linux.
We put it on the modem with a public IP,
did dstnat to the machine's IP and port, and it works.

We used to use rtk2go, but if you have a problem with the PC or GPS module and you send them an empty signal, they block your public IP.
Sometimes their site is down and we are in the field and steering does not work.
So we made our own NTRIP server on Linux on our public IP.

Now it works perfectly.

I did something stealthy-similar the other day using ngrok.io (a friend wanted to publish direct, but he didn’t have his router password so port-forwarding wasn’t an option)… From memory, here’s the process. Basically, ngrok runs on your PC and creates an outbound tunnel for an internal service.

  • Register an account at ngrok.io - free plan is fine

  • Receive an auth-token here and the command to store it: ngrok - secure introspectable tunnels to localhost

  • At the command line, run “ngrok tcp 2101” to stand a tunnel up forwarding port 2101 on the machine ublox is running (I’m assuming ublox and ngrok on same machine, use “ngrok tcp ubloxip:2101” if not).

It’ll give you info on what the tunnel will be called, and this will change EVERY time you start ngrok unless you upgrade to a paid plan. Don’t have it handy, but it might be something like 5.tcp.eu.ngrok.io:14997, so that’s IP 5.tcp.eu.ngrok.io and port 14997 in AGO.

C:\Downloads> ngrok tcp 192.168.0.21:80

Worked a treat! here, 192.168.0.21 is my raspberry pi, and I’m running this from my PC.

If your device won’t take host names, ping the ngrok DNS name to get the IP

here, 3.67.62.142

Also, I’ve written an rtkbase setup tutorial here: RTKBase - a tutorial

3 Likes

2 cents, perhaps late.

  • If you are trying to use RTK2go.com:2101 from your home or office PC network, you do not NEED port forwarding (and NAT is occurring locally behind your back as multiple machines share the IP your router was assigned). This is because you are making an outbound connection and most firewalls are set to allow that. It is the inbound connection they block by default.

  • If you are going to run your own NTRIP Caster (the free SNIP Lite model or any other) then other users outside of your network will need to be able to find it (in this case by IP) and connect to the machine hosting your Caster. Now you need both a) a new firewall rule (on your router) to allow inbound connections (probably on port 2101) and b) a NAT rule to port forward that traffic from your router on that port to the IP and port where the host PC resides on your local network. [And if you get all that working, some folks also like to use DDNS to attach a URL to their IP.]

Because you are pushing out your base station data to RTK2go, there are generally no changes you need to make in your local internet. And that was part of the goal when it was set up, although the original motivation was also that many ISPs charge way too much $$ for a static IP.

2 Likes
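
The three situations this thread keeps returning to (carrier-grade NAT, double NAT behind the ISP box, and a plain forward of port 2101) can be told apart from two addresses, shown here as an added example that is not part of any post. The function names and the sample addresses are constructed for illustration; the second helper flags any forward beyond the caster port, such as a web admin page.

```python
import ipaddress

# Address ranges that are never reachable from the internet.
CGNAT = ipaddress.ip_network("100.64.0.0/10")   # RFC 6598, carrier-grade NAT
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

NTRIP_PORT = 2101  # caster port used throughout the thread


def inbound_path(router_wan_ip, public_ip):
    """Classify how (or whether) an outside rover can reach a caster at home.

    router_wan_ip: WAN address shown on your own router's status page.
    public_ip:     address a "what is my IP" service reports for you.
    """
    wan = ipaddress.ip_address(router_wan_ip)
    if wan in CGNAT:
        return "cgnat"          # ISP translates; no port forward you set helps
    if any(wan in net for net in RFC1918):
        return "double-nat"     # another NAT device sits upstream of your router
    if wan != ipaddress.ip_address(public_ip):
        return "cgnat"          # public-looking WAN, still translated by the ISP
    return "direct"             # one firewall rule + one dstnat rule is enough


def exposed_extras(forwards, allowed=frozenset({NTRIP_PORT})):
    """Return forwarded (port, target) pairs other than the caster port.

    Anything listed here (e.g. a web admin page on 80) is internet-facing too.
    """
    return [(port, target) for port, target in forwards if port not in allowed]


ADVICE = {
    "direct": "forward TCP 2101 only",
    "double-nat": "forward TCP 2101 on both routers if the upstream one is public",
    "cgnat": "no inbound path: push to a hosted caster or use an outbound tunnel/VPN",
}

if __name__ == "__main__":
    # Constructed samples; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
    samples = [("100.72.14.9", "203.0.113.40"), ("192.168.1.2", "203.0.113.40"),
               ("198.51.100.7", "198.51.100.7")]
    for wan, pub in samples:
        kind = inbound_path(wan, pub)
        print(f"{wan:>14} -> {kind:10} {ADVICE[kind]}")
    print(exposed_extras([(2101, "192.168.0.21:2101"), (80, "192.168.0.21:80")]))
```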

I use Emlid and it's great, but even with it I find getting the router out of the mix helps greatly. Usually the ISP gives you a terrible router/modem, so you end up running a second behind it giving a double NAT.

Try making your base station connected directly to the ISP equipment.

I think that in going such a route, in effect you expose any and all services on the emlid to the internet, direct, that way. That would likely include your web admin interface too.

I think that is the point, the service is connecting with the corrections reliably.

So if someone could find the emlid on the carrier system, figure out it had a login, know the password and username. What could they do? Not a whole lot. Look at a satellite chart?

In the worst case scenario, install some malicious software on it and use it as a relay to attack others. No idea how the emlid hangs together tho, but any time you expose a terminal or service, you’re open to potential abuse.

I think you watch too many hacker movies.

How would you connect your computer to the ISP connection if you are 99% of the world's population, directly to the ISP equipment. Connecting to the Internet does have risks, but most are overblown.

The only way the emlid can send corrections is by sending them to a known domain or static IP to connect. The chances of someone coming back up an unreserved IP pool, that is constantly changing through carrier NAT is very unlikely. Unless you click on a link in an email or something that loads the malicious software so they can find your computer.

Writing malicious software for emlids sounds like the most effort to get no bitcoins.

Well, I work in IT security, so there’s that…

The chances of someone coming back up an unreserved IP pool, that is constantly changing through carrier NAT is very unlikely

That’s not how it works, an IP address is there and yeah, it could be your emlid today, it could be someone else tomorrow. The point is, it’s on the internet advertising a service at a reachable address. I’d still class it as minor risk to be honest. I do this sort of thing for a living and I didn’t even DMZ my rtkbase :wink:

My experience with Internet security so far has been

My dad “The **** are hacking my iphone”
Me “How do you know?”
My dad “It's always saying update available”

or

Computer user “I don't have any viruses, I have Kaspersky Antivirus”
Me “:man_facepalming:”
Computer user “could you still fix my computer it runs really slow”
Me “:man_facepalming:”

I am pretty sure I know how it works too, try to find my emlid. It's easy at the static IP of the caster, not so easy at the end of all of the ISP’s equipment. According to the publicly visible internet IP I am on, currently the ISP server handling my connection that I show up as is 1300km away. But the internet facing IP changes during the day, and sometimes changes cities as well. Also my local WAN IP changes daily.

1 Like

Oh totally agree - end users are the worst for “knowing about computers”… I once had an argument with a guy who didn’t have anti-virus, “because he’s never had one”. Also, another fella reckoned windows 7 was fine even though it’s not supported, “because he’s never been hacked”.

As to the 1300km - that’s IP geolocation that’s actually at fault there. That’s never an exact science at best. According to https://www.iplocation.net/ip-lookup which polls multiple services, my IP right now is in Inverness (correct), Craig Dunain (other side of city), London (South Bank), Brockley and Birmingham. Just depends who you ask and when.

Doesn’t matter whether I can find your emlid or not - check your IP address on shodan.io and you’ll see what services might have been advertising on that the last time it was scanned (and on the off-chance you have the same IP as when it was scanned, you’ll see your 2101 at least).

In my case, it’s not correct as it was last scanned weeks ago and my IP changed since then. Point being tho, if you have a service open and you’re on the internet, then that’s a target. How much of a worry that is, especially in your case where a) little-known/used services (2101/RTCM) and b) IP changes a lot... well I’d say not to worry about it personally. I don’t particularly for mine, rtkbase isn’t designed very securely but it’s little known and thus low-ish risk.

Odd your IP changes so much - I’m dynamic, but I’ll typically have the same one from my provider for weeks on end. But it will change eventually, hence dynu to the rescue etc.

Which IP do you want me to scan? WAN, or the public one I share with all of the ISP’s customers?

The one you go direct to the emlid if out-of-home, if that’s an option? That’s how it’s working here… your “what is my ip address” result.

Connecting to the emlid from outside is not an option.

Here is a search of the random WAN IP from the carrier NAT

Next the public IP that is shared with all users


I am a ghost unless I directly call out to another static IP.

So your ISP has no mechanism for your endpoint to engage in your own port-forwarding if you wanted to self-publish RTK then? Seems like quite a restriction! :frowning:

Canada! lol, you are always frozen out.

There are ways around it, but they require using something like TeamViewer, or paying mega bucks to get a privately held static IP.

I did buy a static IP SIM card for a bit, $50/m. But emlid caster is free and works.

1 Like