Hi,

I’ve been trying to work out my network architecture with the pieces I have today:

  • ISP box with 10gig DAC downlink, 4 SSD bays
  • pfSense box with dual 10gig DAC card
  • switch with 10gig DAC uplink and multi-gig RJ45
  • main Proxmox host
  • other devices (laptops, IoT…)

I’ve run into a dilemma regarding switching my ISP box to bridge mode:

  • if I do, I lose WLAN and NAS capabilities
  • if I don’t, I have to contend with double NAT

I’m sure that eventually I will get an AP (maybe Unifi) and a dedicated NAS (either home-built or something like Synology or Asustor), but for the moment I want to keep cost down and gradually add new pieces.

I was wondering if double NAT has huge performance and maintenance implications, or if I would be okay running this setup for a few months until I get to add an AP and NAS?

Thank you

  • Encrypt-Keeper@lemmy.world · 1 year ago (edited) · ↑2

    If it’s double NAT where you have control over both boxes, it’s not that big a deal. First of all, it only matters at all if you’re trying to forward ports for remote access to your services, in which case you just need to add two port forwarding rules for each service instead of one, one in each firewall. Alternatively, if the ISP router allows it, see if it has a 1:1 NAT feature; this way it forwards ALL the ports to your private router, where you can then be selective about which ports to allow.

    Alternatively, if you’re not trying to host services on your LAN for public access and consumption (which would be a bad idea at this point in time anyway given your level of knowledge), don’t worry about the NAT or port forwarding at all and just use a mesh VPN like Tailscale (optionally with the self-hosted control application Headscale) and use that to access your services from outside your home securely.
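To make the "two rules per service, or one 1:1 NAT entry" point concrete, here is an added planning script (not code from the thread or from pfSense). It assumes the ISP box sits in front of pfSense, infers the NAT topology from the address pfSense receives on its WAN port, and emits the forwarding rules each box would need; all addresses and service names are constructed sample values.

```python
"""Port-forwarding plan for a home network with an ISP box in front of pfSense.

Added example, not from the thread. Assumptions: every exposed service needs a
rule on each NAT hop, and a 1:1 NAT (DMZ host) entry on the ISP box replaces
its per-service rules. Addresses below are constructed sample values.
"""
import ipaddress
from dataclasses import dataclass

CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 shared address space


def classify_wan(pfsense_wan_ip: str) -> str:
    """Infer the NAT topology from the address pfSense got on its WAN port."""
    ip = ipaddress.ip_address(pfsense_wan_ip)
    if ip in CGNAT:
        return "cgnat"        # the second NAT is at the ISP: inbound forwards cannot work
    if ip.is_private:
        return "double-nat"   # the ISP box is still routing, i.e. not bridged
    return "single-nat"       # the ISP box is bridged; pfSense holds the public address


@dataclass(frozen=True)
class Rule:
    device: str    # "isp-box" or "pfsense"
    proto: str
    port: int      # 0 means "all ports" (1:1 NAT / DMZ host)
    target: str    # address the traffic is forwarded to


def plan_rules(services: dict, pfsense_wan_ip: str, isp_has_1to1_nat: bool) -> list:
    """Return the rules needed on each box. services: {name: (host, proto, port)}."""
    topology = classify_wan(pfsense_wan_ip)
    if topology == "cgnat":
        raise ValueError("behind carrier-grade NAT: use a mesh VPN instead of port forwards")
    rules = []
    if topology == "double-nat" and isp_has_1to1_nat:
        # One catch-all on the ISP box; pfSense then decides what is actually open.
        rules.append(Rule("isp-box", "any", 0, pfsense_wan_ip))
    for _name, (host, proto, port) in services.items():
        if topology == "double-nat" and not isp_has_1to1_nat:
            rules.append(Rule("isp-box", proto, port, pfsense_wan_ip))
        rules.append(Rule("pfsense", proto, port, host))
    return rules


if __name__ == "__main__":
    svcs = {"https": ("10.0.10.5", "tcp", 443), "wireguard": ("10.0.10.6", "udp", 51820)}
    for r in plan_rules(svcs, "192.168.1.2", isp_has_1to1_nat=False):
        print(r)
```

Running it with the constructed values prints four rules (two per service); with `isp_has_1to1_nat=True` it prints one catch-all rule on the ISP box plus the two pfSense rules.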

  • Treczoks@lemmy.world · 1 year ago · ↑2 ↓1

    No issues with double NAT. I even had a setup with an internal and external net, and the provision that any network link originating from (not passing through) the outer NAT router would raise an alert on the inner NAT router - which would simply switch the outer NAT router off.

  • ShortFuse@lemmy.world · 1 year ago · ↑1 ↓1

    Double NAT with DMZ.

    Those SIP ALGs are more trouble than they are worth. If you are using SIP devices, use a different outbound port on each device (e.g. 5060, 5061, 5062).

  • tsz@lemmy.world · 1 year ago · ↑1 ↓4

    If you’re using double NAT, you’re doing something wrong. If you want to do it right, stop using double NAT. If that doesn’t matter to you, and you’re comfortable supporting a broken-by-design network, do it.