Slashdot: UK ISP PlusNet Testing Carrier-Grade NAT Instead of IPv6

Andre Tomt andre-nanog at
Fri Jan 18 15:08:02 UTC 2013

(resending with nanog-approved address..)

On 18. jan. 2013 01:30, Jeff Kell wrote:
> On 1/17/2013 6:50 PM, Owen DeLong wrote:
>> Vonage will, in most cases fail through CGN as will Skype, Xbox-360,
>> and many of the other IM clients.
> Not sure about Vonage, but Skype, Xbox, and just about everything else
> imaginable (other than hosting a server) works just fine over NAT with
> default-deny inbound here, and we have several thousand students in the
> dorms that bang the heck out of those services.  Most applications have
> adapted to the SOHO NATing router that is prevalent today on broadband
> internet. And if it didn't work, believe me, I'd hear about it :)

Your users must have fairly low expectations :-)

That snide comment aside, a single level of NAT44 works OK now for most 
current consumer level applications. But this is about multiple levels 
of NAT, where the usual "hacks" with UPNP IGD/NAT-PMP to get inbound 
ports are not likely to work. Even if you dont support these tricks on 
your end today, its likely that it is supported at the other side. Most 
"p2p" traffic like Skype only needs the mapping to work at one end, as 
they have to signal/negotiate addresses and portnumbers through some 
third party anyway.

So currently, even double NAT at one end, it is likely to work out 
(within the current expectations of users.)

When CGN gets to critical mass, where both ends of a connection is 
likely to be even more crippled than today*, things change. Now you have 
to bounce all the data of some third party, like a DC, maybe not even on 
the same continent.

When Skype fails to map ports at both ends today the experience is 
pretty horrible actually, at least over here, even with the backing of 
Microsofts infrastructure. Also makes me wonder how expensive running 
such services will become (Only feasable for Google and Microsoft?)

* Some support for mapping ports at CGN is in development, but requires 
new or updated CPE/home gateways, software support/awareness and support 
for it in the CGN (riiight.)

More information about the NANOG mailing list