Interesting format, but skills feel like optimizing the wrong layer. The agents usually don't fail because of bad instructions — they fail because external systems treat them like bots.
You can have the perfect scraping skill, but if the target blocks your requests, you're stuck. The hard problems are downstream.
The CGNAT point is underrated. Carriers have zero incentive to move away from it - thousands of users per public IP, no transition cost.
The interesting downstream effect is on IP reputation systems. Traditional detection assumed 1 IP = 1 user. CGNAT breaks that entirely - platforms can't aggressively filter mobile carrier IPs without blocking legitimate customers by the thousands.
Makes sense the IPv4 price dropped once mobile networks proved you can serve massive user bases with relatively few public addresses.
Expect CG-NAT boxes are expensive, and introduce another point of failure into the network. Most mobile carriers are running IPv6 first networks these days anyway.
Like you said, CG-NAT does have the benefit of making v4 address reputation less reliable, which means it's not as big a deal for the transition to v6.
>CG-NAT does have the benefit of making v4 address reputation less reliable
heh, less reliable is doing a lot of heavy lifting there. You mean "complete and total trash". We need to get to the point where Cloudflare/AWS/some other big sites just block CG-NAT nodes for a day going this IP address is a risk.
Instead if you're a website, instead of doing an easy block by IP, you're left filtering out AI crawlers, spammers, and lots of other crap hiding behind a single IP with thousands of other users behind it, and ISPs that don't really give a shit about doing anything about it.
We need to push the value of IPv4 to nearly zero and finally move away from that crap.
Could you please stop posting unsubstantive comments and flamebait? You've unfortunately been doing it repeatedly. It's not what this site is for, and destroys what it is for.
Why? How is it "discrimination" if it actually corresponds to a single user, who has been doing bad things to your server (e.g. slamming it with requests)? Do you expect to be able to go and knock on people's doors all day and not have them tell you off?
Anecdotally on how this affects the day to day user experience: I just deployed T-Mobile 5G Business Internet to a temporary pop-up art space (it's only active for a few months) and I'd say twice daily I get a CAPTCHA challenge on Google search.
I wonder if all these new tools that punch through CGNAT like tailscale will end up breaking it when they force these NAT boxes to maintain tons of long lived connections.
With the uptake in smart home and internet connected CCTV by consumers, things could dramatically shift.
I personally hate CGNAT, but I cannot deny that nowadays, the overwhelmingly vast majority of customers most likely does not care (and much less know) that they are behind CGNAT, so this is valid.
Come to think of it, for my use cases, I would probably be fine to be behind IPv4 NAT as long as I also have an un-NATted IPv6 prefix. But a big part of the question here of course is whether IPv6 adoption is worthwhile...
The regime in Iran has so much to hide it's unlikely that they will enable unsupervised international communication ever again. Other countries don't seem ready to do anything about it.
That's a Cloudflare IP — 173.245.x.x is their range. You're seeing Cloudflare's edge servers, not actual visitor IPs.
The multiple locations are just showing which Cloudflare POP handled each request (ORD, SJC, LAX = their data centers). That's expected behavior when you're proxied through CF.
Check the CF-Connecting-IP header to get the real visitor IP. What you're logging right now is basically "which Cloudflare server talked to your origin," not "where the bot actually is."
You can have the perfect scraping skill, but if the target blocks your requests, you're stuck. The hard problems are downstream.