& cplSiteName &

The Ugly Side of IPv6: Carrier-Grade NAT

Carol Wilson
6/10/2011
50%
50%

People living up north spend long, cold winters pining for summer -- until the first 90-degree day arrives. ISPs have been anticipating the arrival of IPv6 for years, but now are faced with the sometimes-messy process of living with two IP addressing schemes.

Causing much of the anxiety is carrier-grade Network Address Translation, or NAT. Also known as large-scale NAT or LSN, this is technology offered by the big router makers to move the process of IP address translation into the network, from its previous domain of the customer premises. NAT is the technology that has for many years prolonged the life of IPv4 by serving as the translator between private IPv4 addresses on a local network and shared public IPv4 addresses. Were it not for the widespread use of NAT44, as it is known, IPv4 addresses would have been used up many years ago, as once predicted.

Carrier-grade NAT will also be something of a Band-Aid solution to the immediate problem of having to support existing IPv4-based devices and users as IPv6 rolls into the network. Most people agree that some kind carrier-grade NAT is inevitable, but that doesn't mean they like it.

"It's going to happen -- at the point where you cannot provision new IPv4 services for consumers or service providers or content providers, and you have to make sure the user base can access content regardless of whether they are v4 or v6, we will probably have to do carrier-grade NATs," says Nicolas Fischbach, director of Network Architecture at Colt Technology Services Group Ltd (London: COLT). "We would love to have the answer to avoid or limit carrier-grade NATs as much as possible."

Economic motivation
The initial deployment of carrier-grade NATs will be to cut potential costs. ISPs serving the mass market cannot afford to replace the millions of DSL routers and cable modems that are already deployed and are IPv4 only.

"They also have to be concerned with other devices in the home -- computers and operating systems in that home network, print servers their customers may have bought at BestBuy 10 years ago," says Doug Junkins, CTO of NTT America Inc. .

So mass-market service providers will have to provide a significantly greater amount of support for their customers -- or find a way to deal with translating IP addresses in the network, which is what carrier-grade NAT provides.

"I think most providers that serve the mass market are looking at carrier--grade NAT because we know everyone is not going to cut to V6 at once, and there will be a lot of v4 endpoints, so this would be one way to transition," says Jean McManus, executive director of Verizon Communications Inc. (NYSE: VZ)’s Corporate Technology Organization.

On the enterprise side, where there are relatively fewer endpoints, carrier-grade NAT is probably not required, according to both McManus and Junkins.

Potential problems
So what's the objection to using carrier-grade NATs as a transition strategy? Much of it seems to be based on concerns that adding another layer of address translation and yet another box to the network creates inefficiencies and other potential problems. And some of the resistance is based on the fact there is still uncertainty as to how carrier-grade NAT will be deployed.

To the latter point, Verizon's McManus says the industry is still working out many of the key issues.

"There are different implementations -- some are on routers or stand-alone boxes, or you can dedicate a router as a carrier-grade NAT -- there are different approaches which depend on the different carrier environments," she says. "A lot depends on how deep into the network you do the network address translation and how much you scale it."

Where NAT happens also will be a cost issue, Junkins says, with some tradeoffs built in. The closer to the customer that NAT happens, the better performance will be, but the more boxes will be required.

That issue of where the NAT happens -- whether it is close to the edge or deep in the network -- is a critical one for companies such as Akamai Technologies Inc. (Nasdaq: AKAM), which is distributing content globally, says Andy Champagne, VP of engineering.

"We have potential concerns -- clearly there is a scenario where it could be detrimental to our business," Champagne says. "Obviously, if you have a national network and you choose to put up two NAT sites and shove all the traffic through those two egress points, it's going to be problematical for anyone serving a lot of content. But there are smart folks at these companies who can figure that out."

At best, though, Akamai considers carrier-grade NAT an "ugly" process, and much prefers to see native IPv6 traffic served from dual-stacking in the network, or having IPv4 and IPv6 routers sitting side-by-side.

That's been described by IP Consultant Jeff Doyle as the network equivalent of being bilingual.

Industry fears
By contrast, carrier-grade NAT literally puts a lot of translators into the network, and that can be problematic for some applications.

"Everybody is afraid of it -- the carrier-grade NAT devices are very expensive boxes, there's a lot of state you have to keep, and some applications will start to break in the process," says Tim Winters, senior manager of the complink 7913|University of New Hampshire InterOperability Laboratory (IOL)}. "There are definitely going to be tough choices to make."

There are also concerns about how well NAT will scale, says John Curran, CEO of ARIN, and how well it performs as the volume of traffic increases.

The good news, as far as NTT's Junkins is concerned, is that carrier-grade NAT is likely to be a short-term solution.

"In the short term, when there is still a relatively small amount of content available, the investment to install a large-scale NAT box will be less," Junkins says. "But over time as more IPv6 content becomes available and the performance of those large-scale NAT boxes start to deteriorate, the quality of service or quality of experience that customers are getting from the network is effected and there will come a crossover point, where it becomes more advantageous to serve traffic natively."

World IPv6 Day went well enough that everyone is expecting more content to become available in IPv6, and that in turn will push the industry to get its act together on how to handle that traffic and what role carrier-grade NAT has to play and for how long.

"We still have a lot to learn about this," concludes Colt's Fischbach.

— Carol Wilson, Chief Editor, Events, Light Reading

(8)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
fgoldstein
50%
50%
fgoldstein,
User Rank: Light Sabre
12/5/2012 | 5:02:20 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


The fallacy here is that IP address is somehow sacred.  The connection identifier in TCP/IP networks is the 48-bit string consiting of an IP address and the port number. This can be a local value.  Hell, anybody remember hoary old X.25?  Its connection ID was local too.  No issue.


The only reason why NAT bothers folks is that there are broken applications that put the IP address inside the application.  FTP did this 40 years ago because the BBN PTIP didn't have enough memory to support priint service otherwise -- "port" really was a port on the terminal server.  But why do people still do that?  Stick to names and it will work okay.

paolo.franzoi
50%
50%
paolo.franzoi,
User Rank: Light Sabre
12/5/2012 | 5:02:20 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


Carol,


I think your perspective is not wrong but maybe a bit skewed.


What I seen in the business side of things is LOTS and LOTS of old equipment.  Stuff that is obsolete or has not had software upgrades in years.  Some things are working and have no reason to change.


I personally think THAT is the horror story of IPv6 which is going to drive carrier NAT.  There is going to be such a hew and cry to connect to the 6 bone from a service within a firm that is v4 only that there will be no choice.


I think of this transition as similar to (in some ways) to the Y2K problem.  With one exception, nobody knows for sure when they have to invest to fix it in an Enterprise.  Some of this investment is not Capex, but might be quite interesting.  For example, how many of you are running say Windows 2003 Servers and are not 100% positive that IPv6 is enabled.  How many old JVMs are there out there that crash when you enable IPv6?  Are you 100% sure your Mail Gateway can look up Quad A records?  Have you tried it?


seven


 

sgamble
50%
50%
sgamble,
User Rank: Light Beer
12/5/2012 | 5:02:20 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


"I think of this transition as similar to (in some ways) to the Y2K problem."


 


Remember upgrading IOS to > 11.x (I think it was) to be "Y2K compliant".  Worked wonders for Cisco to get those 2500s out in the wild off of 9/10 IOS streams.


Contracts I worked on also used it as a great opportunity to justify swapping out their 4000 routers, 5000 CATs to next-gen products ;)


I am sure we will see a lot of this for "IPv6 Compliance."  More spending and more jobs.  Not a bad thing :)

cnwedit
50%
50%
cnwedit,
User Rank: Light Beer
12/5/2012 | 5:02:18 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


I don't disagree with the idea that there are business issues as well around IPv6, especially when it comes to embedded IPv4 addresses in all kinds of places in the enterprise, but every carrier I talked to, and I talked to a lot of them, said the same thing, that it was the mass-market driving carrier-grade NAT, and that they will deal with enterprise issues in other ways.


I admit I'm not the expert here, just the reporter, so if they are all skewing my perspective, I'm stuck.

allen007
50%
50%
allen007,
User Rank: Light Beer
12/5/2012 | 5:02:18 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


There will be some issues with translations, latency and complexity of a possible overlay network.  In saying this ...this could be a great opportunity for Juniper  Network to shine given the workload.


 


Time will tell ....

paolo.franzoi
50%
50%
paolo.franzoi,
User Rank: Light Sabre
12/5/2012 | 5:02:17 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


Carol,


I think maybe it is an accountability thing.  Carriers know how much IPv4 gear they have put out there and expect to have to deal with that and other consumer issues.  I am guessing they are expecting IT groups to deal with the business customer issues.


seven


 

cnwedit
50%
50%
cnwedit,
User Rank: Light Beer
12/5/2012 | 5:02:15 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


And they expect to make some extra $$$ selling professional services to enterprises to tell them how to handle the transition and to walk them through it.

fgoldstein
50%
50%
fgoldstein,
User Rank: Light Sabre
12/5/2012 | 5:02:13 PM
re: The Ugly Side of IPv6: Carrier-Grade NAT


The Y2K analogy is pretty good here.  It's a panic over nothing.  Yes, we ran out of 2-digit years.  Yes, we "ran out" of virginal IPv4 addresses.  And yes, the US ran out of homestead farmland early in the last century, but somehow agriculture continued.  A market developed for farmland.  Anohter analogy is to the rapturists, who believe that the world ends last month, or this October, or whatever, but quick send him all your money before then so he can spread the word.  (No refunds if he's wrong, though.)


There's really no reason for anyone to make the transition, since IPv6 was misbegotten in the first place and doesn't fix anything that needs fixing.  It's a vendor-driven fantasy.  IPv4 needs NAT, but so does IPv6, and IPv4 wastes fewer header bits and it is much better understood.

Featured Video
From The Founder
The 'gleaming city on a hill,' Steve Saunders calls it. But who is going to take us from today's NFV componentry to the grand future of a self-driving network? Here's a look at the vendors hoping to make it happen.
Flash Poll
Upcoming Live Events
September 28, 2017, Denver, CO
October 18, 2017, Colorado Convention Center - Denver, CO
November 1, 2017, The Royal Garden Hotel
November 1, 2017, The Montcalm Marble Arch
November 2, 2017, 8 Northumberland Avenue, London, UK
November 2, 2017, 8 Northumberland Avenue – London
November 10, 2017, The Westin Times Square, New York, NY
November 30, 2017, The Westin Times Square
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Could 5G Have Found Its Glass Ceiling?
Dan Jones, Mobile Editor, 9/20/2017
1 Million Pirate Set-Top Boxes Sold in the UK
Aditya Kishore, Practice Leader, Video Transformation, Telco Transformation, 9/20/2017
Comcast Shuts Down OTT Again
Mari Silbey, Senior Editor, Cable/Video, 9/19/2017
Why Amazon May Be Cable's Biggest Threat
Mari Silbey, Senior Editor, Cable/Video, 9/22/2017
Photo Highlights: Operations Transformation Forum 2017
Ray Le Maistre, International Group Editor, 9/17/2017
Animals with Phones
Live Digital Audio

Understanding the full experience of women in technology requires starting at the collegiate level (or sooner) and studying the technologies women are involved with, company cultures they're part of and personal experiences of individuals.

During this WiC radio show, we will talk with Nicole Engelbert, the director of Research & Analysis for Ovum Technology and a 23-year telecom industry veteran, about her experiences and perspectives on women in tech. Engelbert covers infrastructure, applications and industries for Ovum, but she is also involved in the research firm's higher education team and has helped colleges and universities globally leverage technology as a strategy for improving recruitment, retention and graduation performance.

She will share her unique insight into the collegiate level, where women pursuing engineering and STEM-related degrees is dwindling. Engelbert will also reveal new, original Ovum research on the topics of artificial intelligence, the Internet of Things, security and augmented reality, as well as discuss what each of those technologies might mean for women in our field. As always, we'll also leave plenty of time to answer all your questions live on the air and chat board.

Like Us on Facebook
Twitter Feed