How does CGNAT affect SQM/Cake?

I've been looking for some answers into this. My ISP has recently forced more and more people into CGNAT on IPv4. It used to be the case where if you needed something like remote access for your home CCTV system, they would bring you back to an internet facing IP. However, now they just flat out say nothing can be done - and if you want a proper IPv4 adress, you'd need to sign up to their business plan (where you'd need an official business permit for).

I would like to know how this would affect CAKE with the nat dst/srchost option? Should I remove this? Half my current internet traffic is by IPv6 right now. However, I do notice that my IPv4 flows are completely uncontrolled (esp. torrent traffic, whereas they were controlled before). I am using act_ctinfo and connmark-dscp as well.

Mmmh, the standard recommendation, dual-dsthost for ingress and dual-srchost for egress, should still work, after all these are the internal IP addresses in your homenetwork and should not care about what happens on the ISP side.

1 Like

That is concerning, all right.
off the cuff wild hypothesis, maybe the torrents exhaust the AFTR and hence new other flows are gated by the CG NAT process while on-going torrentt flows just mop up the available "bandwidth"?

1 Like