what about the users re: NAT444 or ?

Dan Wing dwing at cisco.com
Wed Sep 14 00:18:53 CDT 2011


> One can do that with or without NAT. This claim that one cannot
> keep a network running without a service provider connected if you
> don't run NAT is a myth of dubious origin.

If the hosts are running DHCP, and the ISP is running the DHCP
server?  I guess they will fall back (after a while) to link-local
and continue on their merry way.

> > can accomplish this pretty easily, because the IPv4 addresses in
> > the home can be any IPv4 address whatsoever -- which allows the
> > in-home CPE ("B4", in Dual Stack-Lite parlance) to assign any address
> > it wants with its built-in DHCP server.)
> >
> 
> There are other ways to accomplish this as well.

-d

> > -d
> >
> >> and less technically but relevant I think is to ask about cost? who
> >> pays?
> 
> In some cases, ISPs will provide new CPE to their end users. In other
> cases,
> end-users will be expected to pay to upgrade their own.
> 
> Owen
> 
> >>
> >>
> >> Christian
> >>
> >> On 8 Sep 2011, at 15:02, Cameron Byrne wrote:
> >>
> >>> On Sep 8, 2011 1:47 AM, "Leigh Porter"
> <leigh.porter at ukbroadband.com>
> >> wrote:
> >>>>
> >>>>
> >>>>
> >>>>> -----Original Message-----
> >>>>> From: Owen DeLong [mailto:owen at delong.com]
> >>>>> Sent: 08 September 2011 01:22
> >>>>> To: Leigh Porter
> >>>>> Cc: Seth Mos; NANOG
> >>>>> Subject: Re: NAT444 or ?
> >>>>>
> >>>>>> Considering that offices, schools etc regularly have far more
> than
> >> 10
> >>>>> users per IP, I think this limit is a little low. I've happily
> had
> >>>>> around 300 per public IP address on a large WiFi network, granted
> >> these
> >>>>> are all different kinds of users, it is just something that
> >> operational
> >>>>> experience will have to demonstrate.
> >>>>>>
> >>>>> Yes, but, you are counting individual users whereas at the NAT444
> >>>>> level, what's really being counted is end-customer sites not
> >> individual
> >>>>> users, so the term
> >>>>> "users" is a bit misleading in the context. A given end-customer
> >> site
> >>>>> may be from 1 to 50 or more individual users.
> >>>>
> >>>> Indeed, my users are using LTE dongles mostly so I expect they
> will
> >> be
> >>> single users. At the moment on the WiMAX network I see around 35
> >> sessions
> >>> from a WiMAX modem on average rising to about 50 at peak times.
> These
> >> are a
> >>> combination of individual users and "home modems".
> >>>>
> >>>> We had some older modems that had integrated NAT that was broken
> and
> >>> locked up the modem at 200 sessions. Then some old base station
> >> software
> >>> died at about 10K sessions. So we monitor these things now..
> >>>>
> >>>>
> >>>>>
> >>>>>> I would love to avoid NAT444, I do not see a viable way around
> it
> >> at
> >>>>> the moment. Unless the Department of Work and Pensions release
> >> their /8
> >>>>> that is ;-)
> >>>>>>
> >>>>>
> >>>>> The best mitigation really is to get IPv6 deployed as rapidly and
> >>>>> widely as possible. The more stuff can go native IPv6, the less
> >> depends
> >>>>> on fragile NAT444.
> >>>>
> >>>> Absolutely. Even things like google maps, if that can be dumped on
> >> v6,
> >>> it'll save a load of sessions from people. The sooner services such
> >> as
> >>> Microsoft Update turn on v6 the better as well. I would also like
> the
> >> CDNs
> >>> to be able to deliver content in v6 (even if the main page is v4)
> >> which
> >>> again will reduce the traffic that has to traverse any NAT.
> >>>>
> >>>> Soon, I think content providers (and providers of other services
> on
> >> the
> >>> 'net) will roll v6 because of the performance increase as v6 will
> not
> >> have
> >>> to traverse all this NAT and be subject to session limits, timeouts
> >> and
> >>> such.
> >>>>
> >>>
> >>> What do you mean by performance increase? If performance equals
> >> latency, v4
> >>> will win for a long while still. Cgn does not add measurable
> latency.
> >>>
> >>> Cb
> >>>> --
> >>>> Leigh
> >>>>
> >>>>
> >>>>
> >>
> ______________________________________________________________________
> >>>> This email has been scanned by the MessageLabs Email Security
> >> System.
> >>>> For more information please visit http://www.messagelabs.com/email
> >>>>
> >>
> ______________________________________________________________________
> >>>>
> >
> >




More information about the NANOG mailing list