It has been reported by thinkbroadband and ispreview that plusnet are running tests for Carrier Grade NAT on their network. Unfortunately this was to be expected as the exhaustion of IPv4 addresses means ISPs are finally running out.
The big disappointment here is that general IPv6 deployment really should have happened first, at least in my opinion, and that of others in the industry. At least if end users are able to do IP properly using IPv6 at the same time as suffering CGN on IPv4 they stand some chance of being able to use Internet based services that need some reliable end to end communication.
It is also unfortunate that there are many who do not understand the problems with NAT, and especially CGN. It is all very well people like myself saying NAT is evil, but it helps if people understand some of the reasons why this is the case.
This all stems from one of the fundamental design principles of IP, that every endpoint has a globally unique address. IP packets are addressed to the target address, and the addressing stays the same as the packet passes through a network. Each router sends the packet to a neighbouring router which is logically closer to the final destination. In fact, the only real thing to change on the way is a hop count or time to live which is there to stop infinite loops.
It is worth pointing out that this is not the only way to design a network - there are other ways. One could, for example, have a sort of circuit routed system (like phone calls) where you establish a connection and send packets using a local handle for the connection which is changed at each step via a pre-established route. ATM works a bit like this too. It is a way to do things, but does not allow the same level of re-routing when things break. Circuit switched systems handle capacity limits and re-routing round failure in different ways and would not be as good as the packet based routing used by IP.
The key problem with NAT is that it breaks this principle by changing IP addresses as packets pass through the network. It only works because some protocols, like TCP, have an handshake and some level of logical connection or session which can be tracked and mapped buy the device doing the NAT. This is not true of al IP based protocols, which simply don't work with NAT. It breaks all sorts of protocols which are designed for use by IP in the way it was designed. It is not the end of the world as protocol designers can work around NAT to some extent, and NAT systems can be fudged to understand specific protocols. Many NAT routers have a long list of protocols they know how to fudge which can even include games like Age of Empires. The problem here is a new interdependency between people making protocols and people making NAT boxes which never existed before, and creates flakey operation of networks and stifles development. It also means routers have to keep up with changes. Don't take my word for it though, this is a key point when people from RIPE talk about NAT even though it is RIPE that have run out of IPv4 addresses now.
Carrier Grade NAT adds an extra layer of problems. More normal NAT is done on a router in control of an end user. It has devices that connect on the LAN directly connected. This means that protocols like uPnP have popped up allowing devices to talk to the NAT router and arrange exceptions to the normal operation of NAT. It also allows applications like Skype to pre-empt the operation of routers, guessing the next port to be assigned for NAT. These are all very clever, but do not really scale to CGN. With CGN you are dealing with lots of end users, many of which are behind a layer of NAT at their router as well as the CGN. Devices cannot use uPnP with the CGN, and guessing ports is far less likely to work. Obviously new protocols could allow routers to interact with CGN, but if you are upgrading routers simply adding IPv6 is a much simpler answer to the problem.
There are other issues, such as running out of source ports. Other systems are also being used where each router gets an IP and a range of ports to use for its own NAT, so allowing several routers to share one IP address. This again means new router code at the end user, and so would be better done as IPv6.
We already see issues with NAT on individual routers, including running out of ports and running out of sessions. CGN faces the same problems on a larger scale, and is also costly for an ISP.
Ultimately CGN creates a sort of second class Internet access.
The problem is that, for vast numbers of people, this will mostly work. Anyone that simply checks email, accesses facebook and a few web sites, will probably be fine. If that is all the Internet was or could become, then NAT and CGN would be fine, but we know it can do more and over the years innovations have amazed us all - innovations that should not be stifled by short sighted ISPs ignoring IPv6. There is an irony that many of these common services, facebook, google and even games like WoW already work with IPv6.
There is another factor which is that IPv4 addresses become almost untraceable as they are used by more than one customer at a time and change from moment to moment. This could only work if an ISP has huge logs of every connection (a privacy issue and technical challenge). Even then, tracing a connection may require not just the source IP and port but the target IP and port as well because of overloading of ports. It would also require very accurate timestamps.
Anyway, our policy at A&A is that we have IPv6 (have done for over ten years) and it is standard now on all new connections (and has been for some years). Ultimately we will have to start charging for, and eventually, clawing back IPv4 blocks from customers, but we expect to be able to provide a fixed IPv4 non NAT WAN address to all customers for a long time to come - hopefully long enough to avoid considering CGN.
So, brave of plusnet, we'll all watch with interest.
I wanted to improve our doorbell... Yes, that is dull. But the main change is not the bell (a nice, old style bell in the kitchen, which is ...
Broadband services are a wonderful innovation of our time, using multiple frequency bands (hence the name) to carry signals over wires (us...
For many years I used a small stand-alone air-conditioning unit in my study (the box room in the house) and I even had a hole in the wall fo...
It seems there is something of a standard test string for anti virus ( wikipedia has more on this). The idea is that systems that look fo...