netflix OCA in a CG-NAT world

Owen DeLong owen at delong.com
Mon Sep 17 18:55:04 UTC 2018


> On Sep 17, 2018, at 8:48 AM, Jared Mauch <jared at puck.nether.net> wrote:
> 
> 
> 
>> On Sep 17, 2018, at 6:54 AM, Tom Ammon <thomasammon at gmail.com> wrote:
>> 
>> I'm looking to understand the impact of CG-NAT on a set of netflix OCAs, in an ISP environment. I see in Netflix's FAQ on the subject that traffic sourced from RFC 1918/6598 endpoints can't be delivered to the OCA. Is this simply a matter of deploying the OCA on the outside of the CGN layer? What are the other consequences of CGN upon the OCA?
>> 
> 
> Yes, you want to deploy it outside your CG-NAT.  
> 
> I also strongly suggest you look at how to get native IPv6 from your clients behind the CG-NAT rolled out.  I know many folks have had issues with various CDNs and the number of devices that reach out.  This is why folks get the Google captcha, etc.
> 
> Giving those end-users an alternate way out will help.  I understand this may take effort and is harder for folks using UBNT & Tik gear in a smaller environment, but there is value for your end-users.
> 
> - Jared
> 

Actually, Tik gear fully supports IPv6, so only UBNT gear is really an issue here.

Owen



More information about the NANOG mailing list