Sorry for the off topic post. But just thought of a good question to ask as I was reading the reply.
As we move (slowly) to IPv6 will the CGNAT no longer be a problem?
Considering HOW slow, yeah I think it will be for the foreseeable future.
IPv6 is also a bit of a nightmare from a security perspective. I'm not talking the usual scare stories, I mean that the sheer number of addresses is going to make things like blocking bad actors using pfBlockerNG a real PITA as the pool of addresses they could be using will be HUGE. Rather than blocking the IP of a compromised device, you're going to have to block the entire subnet. Basically the features that make IPv6 better for user security may be detrimental to server security.
I also notice huge latency fluctuations on Zens IPv6 network. Sometimes the latency is double that of IPv4, at least according to pfSense gateway monitoring. Right now I'm seeing 0.3ms jitter on IPv4, 20ms on IPv6, not good if that's actually representative of real-world usage. (of course, it might not be as maybe their IPv6 gateway just has low ICMP priority)