netflix OCA in a CG-NAT world

Jared Mauch jared at puck.nether.net
Mon Sep 17 15:48:22 UTC 2018


> On Sep 17, 2018, at 6:54 AM, Tom Ammon <thomasammon at gmail.com> wrote:
> 
> I'm looking to understand the impact of CG-NAT on a set of netflix OCAs, in an ISP environment. I see in Netflix's FAQ on the subject that traffic sourced from RFC 1918/6598 endpoints can't be delivered to the OCA. Is this simply a matter of deploying the OCA on the outside of the CGN layer? What are the other consequences of CGN upon the OCA?
> 

Yes, you want to deploy it outside your CG-NAT.  

I also strongly suggest you look at how to get native IPv6 from your clients behind the CG-NAT rolled out.  I know many folks have had issues with various CDNs and the number of devices that reach out.  This is why folks get the Google captcha, etc.

Giving those end-users an alternate way out will help.  I understand this may take effort and is harder for folks using UBNT & Tik gear in a smaller environment, but there is value for your end-users.

- Jared



More information about the NANOG mailing list