cgnat - how do you handle customer issues
lee at asgard.org
Tue Feb 27 22:41:56 UTC 2018
On 02/27/2018 11:30 AM, Aaron Gould wrote:
> Couple questions please. When you put thousands of customers behind a cgnat
> boundary, how do you all handle customer complaints about the following.
> 1 - for external connectivity to the customers premise devices, not being
> able to access web servers, web cameras, etc, in their premises?
For web servers, you gently remind them of their ToS, and offer to
upgrade them to a business account.
You offer to upgrade them to native IPv4, for a fee, and suggest they
contact the manufacturer to see why it doesn't support IPv6.
I've heard of PCP for this, but never seen it in production on CPE.
I saw an early prototype of DS-Lite that included a customer portal that
would allow the customer to enable port forwarding, but I can't imagine
trying to walk a customer through two layers of port forwarding.
Most of these consumer electronics devices long ago started using
ICE/TURN/STUN, and/or the company's web portal as their external
communication platform. Doesn't mean all of them do.
> 2 - from the premise natted device, when customers go to a university or
> bank web site, how do you handle randomly changing ip addresses/ports that
> may occur due to idle time and session tear-down in nat table such that the
> bank website has issues with seeing your session ip change?
You can extend your idle timers, of course, but only so much before
you're squatting on all your ports.
After that, it's down to explaining to the university, bank, etc. that
they need IPv6 if they want their web site to be reachable. Or at least
they need to extend their idle timers.
More information about the NANOG