what about the users re: NAT444 or ?

Owen DeLong owen at delong.com
Wed Sep 14 04:37:42 UTC 2011

On Sep 8, 2011, at 9:52 AM, Dan Wing wrote:

>> -----Original Message-----
>> From: Christian de Larrinaga [mailto:cdel at firsthand.net]
>> Sent: Thursday, September 08, 2011 8:05 AM
>> To: Cameron Byrne
>> Cc: NANOG
>> Subject: what about the users re: NAT444 or ?
>> I wonder if the discussion as useful as it is isn't forgetting that the
>> edge of Internet has a stake in getting this right too! This is not
>> just an ISP problem but one where content providers and services that
>> is the users need to get from here to there in good order.
>> So
>> What can users do to encourage ISPs to deploy v6 to them?

Call up and ask for it? Vote with their $$ and their feet?

>> What can users do to ease the pain in reaching IPv4 only sites once
>> they are on IPv6 tails?

1. Encourage the sites they care about to implement IPv6.
2. Why is being on an IPv6 tail exclusive of being on an IPv4 tail. I would want
	to be on a dual-stack tail (which is what I currently have).

>> Is there not a bit of CPE needed here? What should the CPE do? and not
>> do? should it deprecate NAT/PAT when it receives 1918 allocation from a
>> CGN?
> Careful with that idea -- people like their in-home network to continue
> functioning even when their ISP is down or having an outage.  Consider
> a home NAS holding delivering content to the stereo or the television.
> It is possible to eliminate reliance on the ISP's network and still
> have the in-home network function, but it's more difficult than just
> continuing to run NAT44 in the home like today.  (Dual Stack-Lite

One can do that with or without NAT. This claim that one cannot
keep a network running without a service provider connected if you
don't run NAT is a myth of dubious origin.

> can accomplish this pretty easily, because the IPv4 addresses in
> the home can be any IPv4 address whatsoever -- which allows the
> in-home CPE ("B4", in Dual Stack-Lite parlance) to assign any address
> it wants with its built-in DHCP server.)

There are other ways to accomplish this as well.

> -d
>> and less technically but relevant I think is to ask about cost? who
>> pays?

In some cases, ISPs will provide new CPE to their end users. In other cases,
end-users will be expected to pay to upgrade their own.


>> Christian
>> On 8 Sep 2011, at 15:02, Cameron Byrne wrote:
>>> On Sep 8, 2011 1:47 AM, "Leigh Porter" <leigh.porter at ukbroadband.com>
>> wrote:
>>>>> -----Original Message-----
>>>>> From: Owen DeLong [mailto:owen at delong.com]
>>>>> Sent: 08 September 2011 01:22
>>>>> To: Leigh Porter
>>>>> Cc: Seth Mos; NANOG
>>>>> Subject: Re: NAT444 or ?
>>>>>> Considering that offices, schools etc regularly have far more than
>> 10
>>>>> users per IP, I think this limit is a little low. I've happily had
>>>>> around 300 per public IP address on a large WiFi network, granted
>> these
>>>>> are all different kinds of users, it is just something that
>> operational
>>>>> experience will have to demonstrate.
>>>>> Yes, but, you are counting individual users whereas at the NAT444
>>>>> level, what's really being counted is end-customer sites not
>> individual
>>>>> users, so the term
>>>>> "users" is a bit misleading in the context. A given end-customer
>> site
>>>>> may be from 1 to 50 or more individual users.
>>>> Indeed, my users are using LTE dongles mostly so I expect they will
>> be
>>> single users. At the moment on the WiMAX network I see around 35
>> sessions
>>> from a WiMAX modem on average rising to about 50 at peak times. These
>> are a
>>> combination of individual users and "home modems".
>>>> We had some older modems that had integrated NAT that was broken and
>>> locked up the modem at 200 sessions. Then some old base station
>> software
>>> died at about 10K sessions. So we monitor these things now..
>>>>>> I would love to avoid NAT444, I do not see a viable way around it
>> at
>>>>> the moment. Unless the Department of Work and Pensions release
>> their /8
>>>>> that is ;-)
>>>>> The best mitigation really is to get IPv6 deployed as rapidly and
>>>>> widely as possible. The more stuff can go native IPv6, the less
>> depends
>>>>> on fragile NAT444.
>>>> Absolutely. Even things like google maps, if that can be dumped on
>> v6,
>>> it'll save a load of sessions from people. The sooner services such
>> as
>>> Microsoft Update turn on v6 the better as well. I would also like the
>> CDNs
>>> to be able to deliver content in v6 (even if the main page is v4)
>> which
>>> again will reduce the traffic that has to traverse any NAT.
>>>> Soon, I think content providers (and providers of other services on
>> the
>>> 'net) will roll v6 because of the performance increase as v6 will not
>> have
>>> to traverse all this NAT and be subject to session limits, timeouts
>> and
>>> such.
>>> What do you mean by performance increase? If performance equals
>> latency, v4
>>> will win for a long while still. Cgn does not add measurable latency.
>>> Cb
>>>> --
>>>> Leigh
>> ______________________________________________________________________
>>>> This email has been scanned by the MessageLabs Email Security
>> System.
>>>> For more information please visit http://www.messagelabs.com/email
>> ______________________________________________________________________

More information about the NANOG mailing list