[arin-ppml] Just a reminder of some quick mathematics for IPv4 that shows the long term impossibility of it

Ted Mittelstaedt tedm at ipinc.net
Sat May 14 10:56:06 EDT 2011

On 5/13/2011 5:49 PM, Mike Burns wrote:
> Hi Ted and thanks for the financial concern,
>> I would say in your case that it IS a nightmare. It's a financial
>> nightmare.
>> Did the CGN box you put in save you money? It seems to me that it
>> did not. It seems to me you spent a lot of money 3 years ago to do
>> this and that expense did nothing to get you more revenue. It seems
>> to me that if you HADN'T spent the money on the CGN box that you
>> would still have those same 100 customers today, you would have the
>> last 3 years * 100 in revenue from them - you just wouldn't have the
>> loss of money you spent on the CGN box.
> I had redundant CGN boxes running Mikrotik.
> Those are really cheap.
> Remember this was a test for my personal edification.
> I had plenty of IP addresses available to me.
> In fact, upon any complaint I judged to be CGN related, they would have
> had a real ip back in minutes.
> I was surprised that the one guy who needed inbound access accepted a
> static port without question.

Maybe all your 100 customers already switched to IPv6 and didn't
care about IPv4?  ;-)

But it is easy to be responsive when you have just 1 guy out of
100 who needed a static port map.  I don't see large ISPs who
are a lot less customer responsive wanting to increase their
support burden.

And, incidentally, for that static
port map to work, you have to statically assign him an IP number,
thus he isn't dynamically assigned anymore.  Thus you have to start
changing your network around.

And what if 1/2 of the 100 were businesses that had their own
mailservers and needed port 25 mapped to them?

None of this is very scalable.

>> Incorrect. I was around back then and the goal WAS end-to-end
>> reachability. The difference was that hosts then had lots of
>> users connected to them with RS232 terminals.
> Ted, I was around, too. I had an ARPANET account at Brookhaven National
> Labs in 1978.
> There were many operating systems running the hosts on the ARPANET, the
> goal was end-to-end communication among researchers, basically.
> I don't want to continue this minor digression, though, so I will
> concede the point.
>>> In fact, the era of end-to-end for the Internet was the limited
>>> timeframe between popular acceptance and NAT.
>> Wrong because most people back then dialed in with a modem using
>> a terminal emulator program. The first connectivity was e-mail
>> gateways between the Internet and BBS networks like FidoNet.
>> The WWW came about later and it still wasn't that interesting until
>> pretty late in the 90's, around 96-97. And NAT came about when
>> most home users were still using dialup to connect to the Internet.
> That's what I meant to write. Things got interesting in the mid-90s.
> NAT came out shortly thereafter. NAT ended the end-to-end connectivity
> thing.

No, actually it didn't.  The reason why is that the NATs were at the
customer site.  So if the customer wanted e2e for a specific 
application, like e-mail, they could add a port map or whatever to
their NAT without involving the ISP.  That is close enough to real
e2e that it is, as the line goes, "good enough for government work."

> And yet the Internet exploded in size.
> Dialup was not really end-to-end because there weren't fixed IP
> addresses, so not many were hosting servers on dialup.
> (I know there were exceptions, I once got a /24 with a dialup account
> back in 1995.)

Central Point Software had one of those from PSInet on a 9600bps
Telebit Trailblazer around that time I think.

>>> Most people would fear to put a real IP address on a computer today, I
>>> know that I would.
>>> I use Logmein from behind NAT to address another computer behind another
>>> NAT.
>> logmein is not free for business use so you're probably violating TOS.
> I don't remember saying I used the free one.
>> And if you paid for it why should everyone else in the world pay
>> that company? Remote Desktop is free for business and personal use
>> and does not require some wacky active x control or java applet to
>> run in a browser. So is VNC. both of these are also faster.
> I use both of these products, too.
> I started with Carbon Copy over modems.
> Full disclosure: I have done some consulting for Logmein.
> In the real world I use Logmein for instances behind NAT.
> It's especially valuable for the rapid setup of remote support because
> it does not require firewall changes.
> People are willing to pay for that ability, according to their success
> in the market.

IT support orgs are forced to pay for it because of NAT.  That's not

>>> Rendezvous servers exist for that purpose, and the market favors them.
>>> Holding on to some dream of complete end-to-end reachability leaves out
>>> the inevitable firewall application between them in any case.
>>> Juniper and Cisco have enabled CGN on their big iron boxes, do you think
>>> they are unaware of the nightmarish negative impact of CGN you ascribe?
>> They OFFER CGN on their big iron they don't "enable" it, the admin
>> has to configure it for it to be enabled. And naturally they don't mind
>> if an admin does because they get to sell them more hardware that way.
>> Ted
> Well, we won't have to wait too much longer to see who is correct in
> their appraisal of the perils of CGN.
> I assume somebody paid the coders at Cisco to write the CGN code.
> I doubt that would have happened if Cisco's research showed customers
> would reject it.

With Cisco it isn't about whether or not a feature is present, it's 
about whether or not a feature that is present is free of enough bugs to
be usable.  They didn't get IPv6 support fixed in integrated routing and
bridging until IOS 15.0; that's been almost 15 years since they first
claimed "IPv6 support" in IOS.  You may think it's a minor issue but
any ISP that delivers bridged DSL with Cisco routers was affected.

And if Cisco was so good why are you using Mikrotik?

> Regards,
> Mike

One last thing to consider:

Do you think ISPs delivering CGN will never deliver IPv6 dual-stack to
their customers?  Because once they start delivering IPv6 then the 
customers have e2e - over the IPv6 network.

Thus, any problems with CGN IPv4 connectivity will be solvable by
just doing the e2e over IPv6.  That's kind of like saying your
broken-down '56 Ford truck is still on the road because you bought
a trailer for it and tow it around everywhere...

