Slashdot: UK ISP PlusNet Testing Carrier-Grade NAT Instead of IPv6

Owen DeLong owen at delong.com
Fri Jan 18 17:51:48 UTC 2013




On Jan 18, 2013, at 5:57 AM, Joe Maimon <jmaimon at ttec.com> wrote:

> 
> 
> Owen DeLong wrote:
> 
> 
>>> Clearly we have run out of trickery as multiple layers of NAT stumps even the finest of our tricksters.
>> 
>> Yes, we can dedicate thousands more developer hours to making yet more extensions to code to work around yet more NAT and maybe make it sort of kind of work almost as poorly as it does now. Or we could pour a fraction of those developer hours into implementing IPv6 in those same applications and have the problem solved in perpetuity.
> 
> There is no "we"
> 
> People will follow their personal motivations. If that includes improving their application experience in the face of prevalent CGN technology, I expect many of them to decide to put in the effort no matter what either you or I have to say about it.
> 

There most certainly is a "WE". "WE" may not get to make the decision about how any of this turns out, but "WE" will suffer the consequences of those collective decisions.

>> My hope is that we will realize at some point that this is a badly losing proposition, but, my fear is that we will actually find ways to make it work and worse yet, dedicate resources to doing so.
>> 
>> IMHO, having it fail miserably is the best case scenario. The alternatives are far worse.
> 
> See above. The internet is not top down. It is a potpourri of interacting influences. Nobody takes marching orders from either of us.
> 

Right, but everybody suffers the consequences of the decisions made by those interacting influences. As such, I am at least attempting to educate as many of the decision makers along the way in the hopes of getting some reasonable outcome somewhere down the road rather than watching the internet fall to pieces in NAT hell.

>> I'd believe 50% or maybe even 65%, but 75% stretches credibility. See above for a partial list of the various things I expect they are doing with those addresses.
> 
> So a provider to have a one to one relationship between infrastructure addresses and subscribers is somehow plausible to you? Anyone else?
> 

Subscribers, no, subscriber addresses in a wireless environment, yeah.

> Not to me. Not even if you count every single employee and every single corporate server and device, of which the vast majority are not even using globally unique addresses. Which is what we are discussing.
> 
> And suppose they are. A corporation like that can re-use 50% of their IPv4 by converting internally to NAT (and IPv6 we hope).

There are many ways we can sabotage our infrastructure in order to squeeze more NAT out of many places. Personally, I would not advocate putting that effort into such an obviously losing proposition, but obviously I may well be in the minority there.

>>> How about much simpler math. Assume 75% IP in any provider organization are for subscribers. Assume an average 5-10 subscribers per CGN IP.
>> 
>> I don't believe the first assumption and I think that more than about 3 is rather optimistic for the second one, actually. Especially in the face of dedicated port range CGN proposed by most of the ISPs I know have real plans to implement CGN rather than just a "yeah, we'll do that when we have to" approach.
> 
> Most NAT44 implementations have absolutely no issue scaling to low hundreds of users with ONE IP address.
> 

We're not talking NAT44... We're talking NAT444 and you don't get nearly the multiplier at the second layer that you can get at the first level. You've already concentrated those low hundreds of users into the port range of a single address at the first level. Now you're inflicting a second level where you can't get nearly that level of compression.

> 3 is absolutely ridiculously low. 3 of the above, maybe.
> 
> However, even at 3, that means that they can double their subscriber base with their existing addresses. So unless their existing base took 2 months to acquire, that is a deal more than 4 month stop gap you claim.

Or not. At 3 they can double their subscriber base if they don't need any additional external facing infrastructure to support all of this and get a 100% efficient conversion of users from their existing connectivity to CGN.

> And since you believe that it is plausible for such an organization to have a one to one infrastructure/subscriber relationship, going private (and we hope ipv6) internally, gives them another 3x subscriber base.
> 
> Clearly, CGN can provide enough address re-use to stave off exhausting in a provider's subscriber base for years.
> 
> But only if the technology scales and is not immediately rejected by 30-60% of the subscriber base.

Which assumes many facts not in evidence and is contrary to the research and testing that has been done so far.

> This is why we view the testing of CGN as newsworthy.
> 

draft-donnely anyone?

>> 
>> 
>>> Clearly, that organization's subscriber growth will be limited by CGN technology, not by address scarcity.
>> 
>> Why? Does it not scale linearly? If not, why not?
> 
> I don't particularly like a multilayered NAT internet any more than you.
> 
> However it is coming and will stay for as long as it is needed and useful for those who operate it. Which is likely to be far longer than either of us like.
> 
> We only differ in one point. You believe it will be so bad that it will immediately drive ipv6 adoption and be viewed as a short term expensive boondoggle of a misguided experiment. I am not so confident in its failure.

I'm not confident in its failure, rather I'm afraid we will pour $billions into making it work.

> I think we are heading toward a new norm.
> 

You may, unfortunately, be correct.

>>> 
>>> Think locally for a bit. Addresses are not instantaneously fungible across the internet. Any provider who can pull this off will have far more than a 4-month stop-gap. They may even have enough to peddle on the market.
>> 
>> I think that's very optimistic.
> 
> With your numbers, a provider can double or triple (actually quadruple or sextuple using your ratio) their subscriber base by converting to CGN. Were you being overly optimistic?
> 
> Or were my estimates, starting at quadrupling or more, overly optimistic?

You assume a 100% conversion rate and 100% across the board acceptance of the change among all subscribers. That's a HUGE capital outlay all at once and pretty optimistic on the acceptance rate IMHO, so, yes, you were overly optimistic.

> 
>> I'm not sure why you say they are not instantaneously fungible.
>>
>> Owen
> 
> Because nobody deploying CGN is going to flag day convert entire subscriber bases. Because the addresses they free up will be reused internally. Because if you are not one of these entities with low hanging fruit such as easily convertible to CGN subscriber bases, you are NOT going to directly benefit from the efforts of those who do.

I agree that not all addresses are immediately available for fungibility, but, an available address is instantaneously fungible.

Anyway, IMHO, all resources dedicated to CGN are resources that would be better spent moving away from IPv4. Fortunately, so far, the majority of larger residential providers seem to be looking in the same direction. Yes, we'll be stuck with some CGN, but I suspect most providers will implement it on a "we inflict this on new subscribers as we have to, but only as many as we have to until we can turn off v4." basis.

Owen




