Slashdot: UK ISP PlusNet Testing Carrier-Grade NAT Instead of IPv6

Lee Howard Lee at
Fri Jan 18 17:29:08 UTC 2013

On 1/18/13 9:03 AM, "William Herrin" <bill at> wrote:

>On Thu, Jan 17, 2013 at 11:15 PM, Constantine A. Murenin
><mureninc at> wrote:
>> IPv6 is obviously the solution, but I think CGN poses more
>> technological and legal problems for the carriers as opposed to their
>> clients or the general-purpose non-server non-p2p application
>> developers.
>Correct. The most significant challenges to CGN are legal compliance
>issues. NAT complicates the process of determining who did what using
>the public IP at this timestamp. CGN developers have designed some
>novel solutions to that problem, such as dedicating port ranges to
>particular interior addresses and logging the range once instead of
>trying to log every connection. So, don't expect it to be a show
>stopper for long.

Many servers don't log source port.  Doesn't matter if the CGN operator
has a log, if you can't provide enough data to find the right entry in the

>On the technical side, enterprises have been doing large-scale NAT for
>more than a decade now without any doomsday consequences. CGN is not

Even if the implementation was the same (it's not), that doesn't mean the
operation is the same in a a different environment.  Residential users
have different applications and expectations than enterprise users (not a
lot of game consoles or BitTorrent on corporate networks).  The legal
issue is different, too: a different level of response is appropriate from
a corporate net admin than an ISP.

>> CGN breaks the internet, but it doesn't break non-p2p VoIP at all
>Also correct. The primary impacts from CGN are folks who want to host
>a game server, folks running bit torrent and folks who want to use
>Skype. Skype's not stupid and voip relays are easy so after minor
>growing pains that'll cease to be an issue too.

"voip relays are easy"?  To what scale, for a free service?

>Make opting out of CGN simple and cheap. The relatively few folks who
>would be impacted will opt out with no particular animus towards you
>and you'll recover the IP addresses you had dedicated to the rest.

You are welcome to deploy it if you choose to.
Part of the reason I'm arguing against it is that if everyone deploys it,
then everyone has to deploy it.  If it is seen as an alternative to IPv6
by some, then others' deployment of IPv6 is made less useful: network
effect.  Also, spending money on CGN seems misguided; if you agree that
you're going to deploy IPv6 anyway, why spend the money for IPv6 *and
also* for CGN?


More information about the NANOG mailing list