This is a letter to the developers of IPFS. Please read this and give the proposed solution some consideration.
I am aware that starting with go-ipfs 0.5, peers which are located behind a NAT or firewall are pruned from the DHT. While this improves performance, it fails to solve the underlying problem: all of the nodes without the privilege of a public ip address become clients while those with a public IP address become servers. This creates a slightly less centralized equivalent to the client-server architecture of http and falls short of the decentralization and censorship resistance which IPFS strives for. It also prevents those less fortunate users behind NATs and firewalls from contributing resources to the network or self hosting their own IPFS sites. Surely there is a better way than demoting undialable peers to second class “clients”.
There is a better way. Hyperswarm (part of Dat/Hypercore) includes it’s own distributed hole-punching mechanism to circumvent NATs and firewalls. This basically makes undialable peers dialable, meaning they can participate in all of the ways that a peer with a public IP address can participate.
Implementing similar mechanism into the IPFS DHT would go a long way towards making IPFS more user friendly and realizing the dream of a decentralized censorship-resistant web.
For information on Hyperswarm, please visit https://hypercore-protocol.org/#hyperswarm