[144551] in North American Network Operators' Group


Re: what about the users re: NAT444 or ?

daemon@ATHENA.MIT.EDU (Owen DeLong)
Wed Sep 14 00:41:48 2011

From: Owen DeLong <owen@delong.com>
In-Reply-To: <028401cc6e47$a3faae70$ebf00b50$@com>
Date: Tue, 13 Sep 2011 21:37:42 -0700
To: Dan Wing <dwing@cisco.com>
Cc: 'NANOG' <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Sep 8, 2011, at 9:52 AM, Dan Wing wrote:

>> -----Original Message-----
>> From: Christian de Larrinaga [mailto:cdel@firsthand.net]
>> Sent: Thursday, September 08, 2011 8:05 AM
>> To: Cameron Byrne
>> Cc: NANOG
>> Subject: what about the users re: NAT444 or ?
>>
>> I wonder if the discussion as useful as it is isn't forgetting that the
>> edge of Internet has a stake in getting this right too! This is not
>> just an ISP problem but one where content providers and services that
>> is the users need to get from here to there in good order.
>>
>> So
>>
>> What can users do to encourage ISPs to deploy v6 to them?

Call up and ask for it? Vote with their $$ and their feet?

>> What can users do to ease the pain in reaching IPv4 only sites once
>> they are on IPv6 tails?

1. Encourage the sites they care about to implement IPv6.
2. Why is being on an IPv6 tail exclusive of being on an IPv4 tail. I would want
	to be on a dual-stack tail (which is what I currently have).

>>
>> Is there not a bit of CPE needed here? What should the CPE do? and not
>> do? should it deprecate NAT/PAT when it receives 1918 allocation from a
>> CGN?
>
> Careful with that idea -- people like their in-home network to continue
> functioning even when their ISP is down or having an outage.  Consider
> a home NAS holding delivering content to the stereo or the television.
> It is possible to eliminate reliance on the ISP's network and still
> have the in-home network function, but it's more difficult than just
> continuing to run NAT44 in the home like today.  (Dual Stack-Lite

One can do that with or without NAT. This claim that one cannot
keep a network running without a service provider connected if you
don't run NAT is a myth of dubious origin.

> can accomplish this pretty easily, because the IPv4 addresses in
> the home can be any IPv4 address whatsoever -- which allows the
> in-home CPE ("B4", in Dual Stack-Lite parlance) to assign any address
> it wants with its built-in DHCP server.)
>

There are other ways to accomplish this as well.

> -d
>
>> and less technically but relevant I think is to ask about cost? who
>> pays?

In some cases, ISPs will provide new CPE to their end users. In other cases,
end-users will be expected to pay to upgrade their own.

Owen

>>
>>
>> Christian
>>
>> On 8 Sep 2011, at 15:02, Cameron Byrne wrote:
>>
>>> On Sep 8, 2011 1:47 AM, "Leigh Porter" <leigh.porter@ukbroadband.com> wrote:
>>>>
>>>>
>>>>
>>>>> -----Original Message-----
>>>>> From: Owen DeLong [mailto:owen@delong.com]
>>>>> Sent: 08 September 2011 01:22
>>>>> To: Leigh Porter
>>>>> Cc: Seth Mos; NANOG
>>>>> Subject: Re: NAT444 or ?
>>>>>
>>>>>> Considering that offices, schools etc regularly have far more than 10
>>>>>> users per IP, I think this limit is a little low. I've happily had
>>>>>> around 300 per public IP address on a large WiFi network, granted these
>>>>>> are all different kinds of users, it is just something that operational
>>>>>> experience will have to demonstrate.
>>>>>>
>>>>> Yes, but, you are counting individual users whereas at the NAT444
>>>>> level, what's really being counted is end-customer sites not individual
>>>>> users, so the term
>>>>> "users" is a bit misleading in the context. A given end-customer site
>>>>> may be from 1 to 50 or more individual users.
>>>>
>>>> Indeed, my users are using LTE dongles mostly so I expect they will be
>>>> single users. At the moment on the WiMAX network I see around 35 sessions
>>>> from a WiMAX modem on average rising to about 50 at peak times. These are a
>>>> combination of individual users and "home modems".
>>>>
>>>> We had some older modems that had integrated NAT that was broken and
>>>> locked up the modem at 200 sessions. Then some old base station software
>>>> died at about 10K sessions. So we monitor these things now..
>>>>
>>>>
>>>>>
>>>>>> I would love to avoid NAT444, I do not see a viable way around it at
>>>>>> the moment. Unless the Department of Work and Pensions release their /8
>>>>>> that is ;-)
>>>>>>
>>>>>
>>>>> The best mitigation really is to get IPv6 deployed as rapidly and
>>>>> widely as possible. The more stuff can go native IPv6, the less depends
>>>>> on fragile NAT444.
>>>>
>>>> Absolutely. Even things like google maps, if that can be dumped on v6,
>>>> it'll save a load of sessions from people. The sooner services such as
>>>> Microsoft Update turn on v6 the better as well. I would also like the CDNs
>>>> to be able to deliver content in v6 (even if the main page is v4) which
>>>> again will reduce the traffic that has to traverse any NAT.
>>>>
>>>> Soon, I think content providers (and providers of other services on the
>>>> 'net) will roll v6 because of the performance increase as v6 will not have
>>>> to traverse all this NAT and be subject to session limits, timeouts and
>>>> such.
>>>>
>>>
>>> What do you mean by performance increase? If performance equals latency, v4
>>> will win for a long while still. Cgn does not add measurable latency.
>>>
>>> Cb
>>>> --
>>>> Leigh


