[arin-ppml] ARIN-prop-127: Shared Transition Space for IPv4Address Extension
C.Donley at cablelabs.com
Fri Jan 21 17:24:51 EST 2011
From: George Bonser [mailto:gbonser at seven.com]
Sent: Friday, January 21, 2011 2:54 PM
To: Chris Donley; Chris Grundemann
Cc: arin-ppml at arin.net
Subject: RE: [arin-ppml] ARIN-prop-127: Shared Transition Space for IPv4Address Extension
> From: Chris Donley
> Sent: Friday, January 21, 2011 1:49 PM
> To: George Bonser; Chris Grundemann
> Cc: arin-ppml at arin.net
> Subject: RE: [arin-ppml] ARIN-prop-127: Shared Transition Space for
> IPv4Address Extension
> Still, my major source of discomfort is enabling v4 forever.
> [CD] I think the market will take care of that. NAT444 is going to
> suck for all but the most basic services. It will offer a degraded
> quality of experience for video streaming, gaming, voice, etc. -
> services customers want to use. IPv6 will offer a better quality of
> experience through bypassing the NAT. Customers will get the message
> and start using IPv6 as they replace legacy devices. As Owen said,
> NAT444 is a great business case for IPv6. I don't see any way around
> NAT444, though. It's the only IPv4 extension technology that's
> deployable and doesn't require a new home gateway.
Why is it going to suck? We are actually doing it now, pretty much. A computer in an office opens a connection to a content provider. That RFC1918 packet gets NATed to a global IP somewhere. That packet then hits a load balancer at the content provider where it is again translated and directed to a machine in 1918 space again.
For all practical purposes most of the traffic in the v4 Internet today is already NAT444.
In and of itself it isn't going to break anything that doesn't already break today unless someone tries to use an underpowered box to do the NAT.
[CD] We tested it in the lab. Among other problems, NAT444 breaks UPnP - the application in the home can open the port in the first NAT gateway, but not in the CGN. Also, NAT444 breaks geolocation (geo points back to the CGN, not the customer), abuse response (reporter now needs port/timestamp as well), DDoS protection, etc. Further, some websites throttle the number of connections/simultaneous streams per IP address. Voice calls fail, video streams degrade, games break, FTP sessions time out, and peer-to-peer seeding is blocked. Basic web surfing and email work, but customers are looking for more than that.
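The abuse-response point in the message above (a report against a CGN address needs port and timestamp as well), shown as an added example that is not part of the original thread. The log format, addresses and function names are assumptions constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed CGN port-block log (hypothetical format, not from any product):
# start, end, shared public IP, source-port range, subscriber-side address.
CONSTRUCTED_LOG = """\
2011-01-21T20:00:00Z 2011-01-21T20:30:00Z 203.0.113.10 1024-2047 10.64.0.5
2011-01-21T20:00:00Z 2011-01-21T20:30:00Z 203.0.113.10 2048-3071 10.64.0.9
2011-01-21T20:30:00Z 2011-01-21T21:00:00Z 203.0.113.10 1024-2047 10.64.0.9
"""

def parse_ts(s):
    """Parse a UTC timestamp in the constructed log's format."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def parse_log(text):
    """Turn log lines into (start, end, public_ip, lo_port, hi_port, inside) rows."""
    rows = []
    for line in text.splitlines():
        start, end, pub, ports, inside = line.split()
        lo, hi = (int(p) for p in ports.split("-"))
        rows.append((parse_ts(start), parse_ts(end), pub, lo, hi, inside))
    return rows

def candidates(rows, public_ip, when=None, port=None):
    """Subscriber addresses consistent with what an abuse report supplies."""
    hits = set()
    for start, end, pub, lo, hi, inside in rows:
        if pub != public_ip:
            continue
        if when is not None and not (start <= when < end):
            continue  # mapping was not active at the reported time
        if port is not None and not (lo <= port <= hi):
            continue  # reported source port is outside this block
        hits.add(inside)
    return hits

if __name__ == "__main__":
    rows = parse_log(CONSTRUCTED_LOG)
    t = parse_ts("2011-01-21T20:10:00Z")
    # IP alone, IP + time, and IP + port each stay ambiguous behind the CGN.
    print(sorted(candidates(rows, "203.0.113.10")))
    print(sorted(candidates(rows, "203.0.113.10", when=t)))
    print(sorted(candidates(rows, "203.0.113.10", port=1500)))
    # Only IP + port + timestamp narrows the report to one subscriber.
    print(sorted(candidates(rows, "203.0.113.10", when=t, port=1500)))
```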