“Don’t click a few buttons in your router UI to forward a port and setup a dynamic DNS client in the same way that has worked for 25 years. Instead use a bunch of other 3rd party shit that builds a VPN and tough shit if people are using a TV.”
What you’ve described is a pain in the ass from a setup perspective. I think what you were trying to say is “be careful about jellyfin vulnerabilities”, but that’s definitely not what came out.
Exposing a port to the internet is a huge pain nowadays. You never know if it is going to work, and even if it works it is incredibly flaky. What's changed is that a lot of ISPs are using double NAT or CGNAT now, which wasn't as common before. Which means router based DDNS will simply not work. On top of that every single router I've used is extremely unpredictable about respecting uPNP or whatever. So for most people a tailscale vpn or cloudflare tunnel is the best option.
In my situation at home, port forwarding is stupid-simple and just works.
My ISP does not saddle me with CGNAT (or any other form of NAT). I don't use UPnP.
I have a real (dynamic, but just-for-me and almost never changing) IPv4 address to use, and I simply use it.
It works predictably. It works reliably. It is not even a little bit flaky. There is no voodoo involved.
And it doesn't require me to teach my elderly mother how to use Tailscale with her Roku STB.
(I recognize that others may have different situations. But the existence of different situations doesn't mean that one must declare a particular solution to be the "best", does it? KISS.)
Exactly, my old ISP and current ISP both use double NAT. I literally tried calling to get a level 2 tech to get them to reconfigure my modem to use bridge mode.
What you’ve described is a pain in the ass from a setup perspective. I think what you were trying to say is “be careful about jellyfin vulnerabilities”, but that’s definitely not what came out.