NAT444 or ?

Geoff Huston gih at
Thu Sep 8 05:26:46 UTC 2011

On 08/09/2011, at 2:41 AM, Leigh Porter wrote:

>> -----Original Message-----
>> From: Daniel Roesen [mailto:dr at]
>> Sent: 07 September 2011 17:38
>> To: nanog at
>> Subject: Re: NAT444 or ?
>> On Wed, Sep 07, 2011 at 12:16:28PM +0200, Randy Bush wrote:
>>>> I'm going to have to deploy NAT444 with dual-stack real soon now.
>>> you may want to review the presentations from last week's apnic
>> meeting
>>> in busan.  real mesurements.  sufficiently scary that people who were
>>> heavily pushing nat444 for the last two years suddenly started to say
>>> "it was not me who pushed nat444, it was him!"  as if none of us had
>> a
>>> memory.
>> Hm, I fail to find relevant slides discussing that. Could you please
>> point us to those?
>> I'm looking at
> There is a lot in the IPv6 plenary sessions:
> This is what I am looking at right now. Randy makes some good comments in those sessions. I have not found anything yet, but I am only on session 3, pertaining specifically to issues around NAT444.

It may not be what Randy was referring to above, but as part of that program at APNIC32 I reported on the failure rate I am measuring for Teredo. I'm not sure its all in the slides I was using, but what I was trying to say was that STUN is simply terrible at reliably negotiating a NAT. I was then wondering what pixie dust CGNs were going to use that would have any impact on the ~50% connection failure rate I'm observing in Teredo. And if there is no such thing as pixie dust (damn!) I was then wondering if NATs are effectively unuseable if you want anything fancier than 1:1 TCP connections (like multi-user games, for example). After all, a 50% connection failure rate for STUN is hardly encouraging news for a CGN deployer if your basic objective is not to annoy your customers.


More information about the NANOG mailing list