2 Messages
What's the deal with Hairpin NAT/Loopback being disabled??
I just moved to xfinity's service area from NYC and so far -- not pleased.
First, my partner had a heck of a time setting up the Ring doorbell before I was out here full time. For some reason they needed to send a new gateway for a 2.4 GHz-only device to work -- and it took 5 calls before they finally actually sent it, despite saying they would send it out each time.
Secondly, but also, primarily - once I got out here, when I went to set up my devices, it seemed like port forwarding wasn't working. Three chats and 3 phone calls later, I was finally able to speak with someone who seemed aware of the existence of port forwarding -- note: this isn't an attempt to disparage the representatives who tried to help, I appreciate their time, but, for whatever reason, most didn't know that port forwarding was a feature of the gateway, let alone what it did. I fault training and/or lack thereof, not the representatives.
Anywho, so the 6th agent and I, we do some troubleshooting -- turns out, the port forwarding was indeed working, but one can't access an internal device via the public IP address or a dynamic DNS name associated with the public IP. Ah yes, the issue is lack of Hairpin NAT.
A brief primer for the uninitiated: let's say, for example, you built your own security camera based on a Raspberry Pi. You set it up to have a web-based dashboard/viewer available on port 4269. For this example, say the Pi has a LAN IP of 10.0.0.13. While you're at home, you can access it by pointing a browser to http://10.0.0.13:4269
But, because it's behind a gateway and behind NAT, you can't access it away from home. This is why one uses port forwarding. If I forward port 4269 to the Raspberry Pi on the gateway, now I can access it anywhere via the public IP. A step further, set up dynamic DNS so myhouse.coolguy.party always points to your public IP. So, you can always just go to http://myhouse.coolguy.party:4269 to look at your security cam. Neat!
EXCEPT:
to use that dynamic DNS name, or the public IP, to connect to the camera from within the network the camera is on, the router/gateway needs to support something called "Hairpin NAT", also known as "NAT Loopback". Xfinity has intentionally disabled this feature on their gateways.
Now, I don't build my own security cameras, and my dynamic DNS isn't hosted at coolguy.party; those are just examples.
But I do build my own IoT devices, which are basically hardcoded to communicate with my own server. Yes, there are more robust and more secure ways of doing IoT, but I'm not particularly concerned about devious hackers learning the deep dark secrets of the ambient outdoor humidity. In my example, without Hairpin NAT, if I have a device that I move back and forth between home and office, and I want it to be able to communicate with a server or broker located at home, I have to reflash the firmware when I leave the house, and again when I get home.
The worst part is, I have yet to speak to anyone in customer service who has any idea what I'm talking about. I admit, it's a somewhat esoteric parameter of internet gateway configuration - but using things the way I have them set up has worked on [nyc area cable ISP], [nyc area telco fiber ISP], [university-managed network] and behind mobile hotspots. It has simply never been a problem - aside from one time that eero pushed a software update that disabled hairpin NAT and I went back and forth with their engineers to re-enable the feature for future builds; they did, and it has stayed enabled.
So I just have to know -- what's the rationale for disabling this feature on xfinity-provided gateways? What does this provide the customer or the company? And for customers who signed up for the service with the understanding that it came with an XB8 gateway -- literally marketed that it "is made to do anything, so you can do everything" [source]
Mathematically false: You can't do everything. You can't access your own devices via your public IP while connected to your home network. This activity is at face value in the set of "things one might do with a network-address-translated computer network", and since the set "everything" in this context contains all sets of things one might do with a computer network, mathematically - according to the marketing, I should be able to do it. But I can't. Why?
Also yes, I'm this guy. You should have guessed that way earlier when I started talking about building my own IoT devices, so if you're surprised that I'm this guy, I have no response.
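The primer above describes the symptom but not the mechanism, so here is a small packet-flow model of why a plain port forward fails from inside the LAN and what hairpin NAT adds. This is an added example, not code from the original post or from any gateway vendor. It assumes the post's addresses (10.0.0.13 for the Pi, port 4269, a 10.0.0.0/24 LAN) plus three made-up ones: 10.0.0.1 for the gateway's LAN side, 203.0.113.7 for the public IP and 198.51.100.9 for a remote client, both drawn from the documentation-only TEST-NET ranges. The iptables rules in the comments are the standard Linux equivalents of the two translation steps.

```python
"""Model of port forwarding with and without hairpin NAT (NAT loopback).

Added example, not from the original post. All addresses are illustrative:
10.0.0.0/24 is the LAN, 10.0.0.13:4269 is the Pi's dashboard (from the post),
10.0.0.1 is the assumed gateway LAN address, 203.0.113.7 the assumed public IP.
"""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

LAN = ip_network("10.0.0.0/24")
GATEWAY_LAN_IP = "10.0.0.1"       # assumed
PUBLIC_IP = "203.0.113.7"         # assumed, TEST-NET-3
FORWARDS = {4269: ("10.0.0.13", 4269)}  # public port -> (LAN host, port)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


def gateway_forward(pkt: Packet, hairpin: bool):
    """Translate a packet addressed to the public IP per the port-forward table.

    Returns (translated packet, conntrack entry) or None if no rule matches.
    The conntrack entry maps the translated 4-tuple back to the original so
    the reply can be un-translated if it comes back through the gateway.
    """
    if pkt.dst != PUBLIC_IP or pkt.dport not in FORWARDS:
        return None
    host, port = FORWARDS[pkt.dport]
    # DNAT (the port forward itself):
    #   iptables -t nat -A PREROUTING -d 203.0.113.7 -p tcp --dport 4269 \
    #       -j DNAT --to-destination 10.0.0.13:4269
    out = replace(pkt, dst=host, dport=port)
    if hairpin and ip_address(pkt.src) in LAN:
        # Hairpin step: rewrite the LAN client's source to the gateway so the
        # Pi's reply is forced back through the gateway instead of going
        # straight to the client over the switch.
        #   iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -d 10.0.0.13 \
        #       -p tcp --dport 4269 -j MASQUERADE
        out = replace(out, src=GATEWAY_LAN_IP)
    conntrack = {(out.src, out.sport, out.dst, out.dport): pkt}
    return out, conntrack


def server_reply(pkt: Packet) -> Packet:
    """The Pi answers to whatever source address it saw on the request."""
    return Packet(src=pkt.dst, sport=pkt.dport, dst=pkt.src, dport=pkt.sport)


def simulate(client_ip: str, client_port: int, hairpin: bool):
    """Run one request/reply and return (matches_client_socket, reply_seen).

    The client's TCP stack only accepts a reply whose source is the address
    and port it connected to: the public IP and 4269.
    """
    syn = Packet(client_ip, client_port, PUBLIC_IP, 4269)
    fwd = gateway_forward(syn, hairpin)
    if fwd is None:
        return False, None
    translated, conntrack = fwd
    reply = server_reply(translated)

    # A reply to a host on the Pi's own subnet is delivered directly by the
    # switch and never touches the gateway, so it arrives untranslated.
    reply_goes_via_gateway = (
        reply.dst == GATEWAY_LAN_IP or ip_address(reply.dst) not in LAN
    )
    if reply_goes_via_gateway:
        orig = conntrack[(reply.dst, reply.dport, reply.src, reply.sport)]
        seen = Packet(orig.dst, orig.dport, orig.src, orig.sport)
    else:
        seen = reply

    matches = (seen.src, seen.sport, seen.dst, seen.dport) == (
        PUBLIC_IP, 4269, client_ip, client_port)
    return matches, seen


if __name__ == "__main__":
    print("remote client, no hairpin:", simulate("198.51.100.9", 50000, False))
    print("LAN client, no hairpin:   ", simulate("10.0.0.5", 50000, False))
    print("LAN client, hairpin:      ", simulate("10.0.0.5", 50000, True))
```

The middle case is the one the post is about: the DNAT alone works, but the Pi sees the laptop's real 10.0.0.5 address, replies to it directly, and the laptop receives a packet from 10.0.0.13:4269 for a connection it opened to 203.0.113.7:4269, so the reply is discarded. Hairpin NAT fixes it by source-translating the LAN-originated flow as well, so both directions pass through the gateway and both translations are reversed. The cost is that the Pi then sees every hairpinned connection as coming from the gateway, which is the main practical downside of the feature.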
BruceW
Gold Problem Solver
26.3K Messages
11 months ago
I'm told that it's considered a security risk, although I lack the imagination to see why that might be.
Consider adding a local DNS server that would provide the local IP for local hostnames, and pass other requests along to the public DNS. Or put the rental gateway in bridge mode or replace it with a retail modem, and add a router that supports hairpinning.
Please be aware that there are 2 kinds of responses in this Forum: Replies and Comments. When you Comment on a post by scrolling down to "Comment on this post here...", I am notified of your response. But if you select Reply, I am NOT notified and may not be aware of your response.
monstrosity-factory
2 Messages
11 months ago
BruceW: "Bridge Mode" is the actual solution here, yes. The thing is, I have a good deal of mesh networking gear that I know supports hairpin (they did disable it in one firmware update years ago and -- long story short, that company's engineering team and I got to know one another) -- but, big but, that won't be in this state until July, so I was trying to just get by with the included router functionality for now. But yeah - can confirm - Hairpin NAT works fine in bridge mode with a third-party router.
I too lack the imagination to see how it is considered a security risk, considering it only affects outbound network traffic. I could set up a local DNS server, or a reverse proxy, or any number of solutions -- all of which are super overkill for say, MQTT telemetry of the ambient temperature. Security risk seems like a smokescreen, I wouldn't be surprised if they were simply trying to herd anyone who runs anything that might remotely be considered adjacent to resembling a server into a pricier business account.