Security_eBook_blog_Banner
Bloggers / IPv6 /

IPv6 and Carrier Grade NAT: what you need to know

CGN is sound, but not without its potential network drawbacks and pitfalls, according to a recent podcast. Get prepared for the transition from IPv4


keep-calm-and-enable-ipv6

This spring when UK-based Internet service provider BT decided to introduce IP sharing to its broadband customers with an eye on avoiding the looming IPv4 shortage, users weren’t happy. The BT trial involved having a single IP address support up to 10 customers — the execution resulting in network issues, disruptions and upset customers in the process. But when it comes to migrating to IPv6 from IPv4, the premise of Carrier Grade NAT (CGN) is sound — but not without its potential network drawbacks and pitfalls, according to industry experts.

As Gogo6 CEO Bruce Sinclair and IPv6 Forum Fellow Jeff Doyle note on a recent episode of The IPv6 Show podcast, Carrier Grade NAT is an excellent technology that allows organizations and Internet service providers (ISPs) to transition to IPv6 and still support the older IPv4 content and devices. As the industry faces the reality of IPv4 addresses running out, using the IPv4 CGN networks while building out an IPv6 infrastructure would enable organizations to maintain service uptime, performance and scalability of the network.

Related: 6 IPv6 security concerns that shouldn’t hold network admins back

Related: IPv6 migration: 5 perspectives from Latif Ladid

CGN, in the long run, is just the same NAT44 that the industry has known for years, according to Doyle. In effect, CGN modules perform NAT44 translations for all IP traffic — multiplexing different flows from different IP addresses “effectively stretching what’s available in the IPv4 space,” notes Doyle. “The idea of Carrier Grade NAT is, let’s take that NAT and…let’s move it to a central location. Now we can really use those IPv4 addresses that we have available to us and map, instead of a few hundred flows you can map tens of thousands of flows to each IPv4 address.”

So while CGN offers organizations the time necessary to effectively and efficiently transition to IPv6 via address sharing, there are inherent drawbacks and CGN remains a “divisive issue” within the IPv6 community as IPv4 addresses run out. It’s been cited as “going against the open spirit of the Internet” and adding a layer of complexity in some instances; specifically, it can be seen as a Band-Aid solution to the ongoing issues of supporting existing IPv4-based devices and users during the network shift to IPv6. It can also be viewed as a disruptive practice, restricting user access to the Internet and potentially affecting dynamic DNS services.

Doyle offers that organizations should adopt a strong test strategy when it comes to CGN, which includes extensive testing for application/service breakage. The planning stages are highly important, particularly when operating dual-stack networks, says Doyle. For example, basic CGN architectures such as NAT444 and NAT464 can help effectively build a robust dual stack network approach — “a dual layer translation” — to dealing with a fast depleting IPV4 private/public address pool, offers Doyle. The problems with (something like NAT444) are around some applications or devices that may “break” where you have upper layer applications that are expecting to see the same address: “So if you translate that address, they obviously don’t work anymore.” From a network manager or administrator perspective, it is crucial to understand the different terminologies and transition mechanisms including protocols (NAT444, NAT464, DS-Lite, MAP-E, MAP-T) and the distinct pros and cons of CGN as it pertains to specific network environments.

According to Doyle, it’s about understanding how best to leverage technology such as CGN that helps service providers quickly enhance the network to IPv6 while still providing IPv6 to their customers over IPv4 (keeping them happy in the process): “You can look at CGN as beyond just the service provider architecture…you can also look at it as deploying at the edge of a large business or the edge of a data centre.  So you get direct deployment of trying to extend your remaining IPv4 resources in an age where those resources are just about gone.”

Get more advice on Planning the Transition to IPv6 by downloading the white paper from Allstream.

SIP eBook 2014 expertIP bottom banner update
Comments are closed.