Is is possible to bypass NATed/CGNAT environments using cloudflare workers?

Hi guys,

I have a raspberry pi running Nextcloud at home, unfortunately its behind my ISP NAT which doesn’t allow me to connect to it from outside. I was planning on getting a VPS that runs a VPN which will forward all traffic to my PI.


  1. Can Cloudflare workers be used to ‘punch holes’ though a CG-NAT? (ex. My pi will keep a connection open with a worker and prevent it from being terminated by router NAT, this can be done by pinging/sending heartbeat signals to it several times a minute. The worker will listen it its routes and send all incoming traffic to it to the pi.

  2. Can someone explain me the concept of ‘compute time’ a little better? On workers unlimited I get 50ms for CPU compute time, what does exactly does compute mean in this case? If I am making a subrequest to some other API somewhere, is the clock still running while that resolves?

  3. How long can a data be streamed over cloudflare workers? (Suppose I have simple worker logic that authenticates with an s3 endpoint and provides user with a 2GB file. The route looks like S3–>Cloudflare Worker Edge–> Client) How long before cloudflare will cut my connection are there any limits?

Note: I am aware that (cloudflared) Argo tunnel can be used for routing behind a NAT, but I am just checking if there any hack to pull with NAT and serverless. :slight_smile: