Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK ISP PlusNet Testing Carrier-Grade NAT Instead of IPv6

Posted by Unknown on from the proxy-banned-from-posting dept.

judgecorp writes "Faced with the shortage of IPv4 addresses and the failure of IPv6 to take off, British ISP PlusNet is testing carrier-grade network address translation CG-NAT, where potentially all the ISP's customers could be sharing one IP address, through a gateway. The move is controversial as it could make some Internet services fail, but PlusNet says it is inevitable, and only a test at this stage." Regarding the failure of IPv6, these graphs imply otherwise.

19 of 445 comments (clear)

  1. Not "instead of", but "in addition to" by Anonymous Coward · · Score: 5, Insightful

    Dual-stack deployment with NAT'd IPv4 alongside with IPv6 is the only viable short-term option for consumer ISPs. You can't just cut off people from the IPv4 internet, you'd leave them with a pretty much useless internet connection.

    1. Re:Not "instead of", but "in addition to" by bobbied · · Score: 4, Interesting

      You are right.

      I never really understood why we didn't just map all the IPv4 addresses to a IPv6 subset and provide a very simple rule to translate, say by adding all zeros or some other number to the IPv4 address to get its IPv6 one. Then start forcing the adoption of IPv6 by not accepting v4 traffic from the top down though the domain registration authorities and hosting providers. Get legal agreements from them to not route IPv4 traffic in exchange for IPv6 address assignments and allowing new domain registrations, force top level domain authorities to only support IPv6 going forward.

      You want to keep your website available? You want your customers to see new domains? You need a IPv6 assignment because we won't route v4 traffic and DNS is going to give you an IPv6 address. ISP's would then be free to provide IPv4 connections, but only if they did the translation to IPv6 internally themselves, which would end up costing IPv4 customers more money and limiting what they can see.

      Eventually, there would be enough pressure for the ISP's to push IPv6 down the food chain to the end user who will either pay more for IPv4 service, or upgrade to IPv6. Eventually there will be a tipping point and IPv6 will see universal acceptance.

      The problem here is that nobody really has the necessary power to force IPv6 on the world.... So we will keep bumping along trying more and more incremental patches to IPv4. Eventually, you could be behind 20 NATs wondering why your SIPP/VOIP device won't make any calls...

      Hey, how about we just put all of the adult content on IPv6 only addresses.... You know THAT would set a fire under things....

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    2. Re:Not "instead of", but "in addition to" by Chirs · · Score: 5, Informative

      I never really understood why we didn't just map all the IPv4 addresses to a IPv6 subset and provide a very simple rule to translate, say by adding all zeros or some other number to the IPv4 address to get its IPv6 one.

      Um....they did?

      http://en.wikipedia.org/wiki/IPv6#IPv4-mapped_IPv6_addresses

  2. Re:I recall MxStream by MickyTheIdiot · · Score: 5, Insightful

    This may be a feature and not a bug to these ISPs.

    The business has changed. They are probably fine with screwing up incoming services. They can charge to fix what they screwed up by using NAT.

  3. This is just the beginning by alphaminus · · Score: 5, Informative

    Rather than doing this correctly, it will go like this. All "home" users will get CG-NAT. "Business" users will be allowed public IPs at a steep premium, and only when that possibility is completely exhausted, will IPv6 truly begin to be implemented. Hell, people might just use duct tape code and NAT subterfuge to drag this out another decade or two.

  4. Re:I recall MxStream by Anonymous Coward · · Score: 5, Insightful

    Consumer grade network connections do not run servers.

    A far bigger problem is that a lot of internet services these days use IP-based blocks as the final "brute force" version of "you are abusing the service, go away". It would really suck to be under an ISP that shows every customer coming from a single IP. You'd find yourself banned from all kinds of random places as soon as someone using the same ISP decides to be an idiot.

  5. My Rant.... by ZiakII · · Score: 5, Informative

    How the hell does slashdot.org not support IPV6, I thought this was a tech website?

    1. Re:My Rant.... by Mr_Silver · · Score: 5, Informative

      How the hell does slashdot.org not support IPV6, I thought this was a tech website?

      Forget IPV6 ... it doesn't have valid HTML, valid CSS and looks terrible on mobile devices.

      --
      Avantslash - View Slashdot cleanly on your mobile phone.
    2. Re:My Rant.... by the+eric+conspiracy · · Score: 4, Insightful

      Edit should be supported until moderation or a reply occurs.

  6. Re:I recall MxStream by idontgno · · Score: 4, Interesting

    NAT has implications for the peer-to-peer nature of the Internet.

    For a lot of organizations, that's a bonus. If you don't trust the outside network, you certainly don't want to peer arbitrarily with them, and certainly not at any outside machine's initiative. With NAT, an outside system can't initiate connectivity with any machine inside the NAT boundary without some kind of prior arrangement, so no open-ended network scanning.

    If you treat the Internet as a big happy cloud of egalitarian peers collaborating at will, NAT sucks. If you treat the Internet as a bad neighborhood, which you have no way of avoiding between your house and the mall, NAT is the gated neighborhood you live in to keep the unsavory inhabitants of that bad neighborhood away from your pristine lawn and Lexus in the driveway. And people choose gated neighborhoods, and NAT, for that precise reason: separation and protection from the riff-raff, the panhandlers, the burglars and the car thieves, the Jehovah's Witnesses. Mostly the JWs, I think.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  7. Re:Really instead of ? by characterZer0 · · Score: 4, Insightful

    If we had started transitioning seriously a few years ago

    Some of us did. All the computers and network equipment at my house has been ready for IPv6 for years. I am just waiting for my ISP to get with the program.

    ISPs are the problem here. But with government-granted monopolies without regulation, they have no incentive to support IPv6.

    --
    Go green: turn off your refrigerator.
  8. Re:Am I reading that graph wrong? by Guspaz · · Score: 4, Informative

    Google reports about 1% of their traffic is IPv6. That's probably a better estimate of IPv6 deployment.

  9. Re:I recall MxStream by Tridus · · Score: 5, Insightful

    Yes they do, pretty regularly. Ever played a multiplayer game?

    --
    -- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
  10. Re:I recall MxStream by Anonymous Coward · · Score: 4, Informative

    NAT has implications for the peer-to-peer nature of the Internet.

    For a lot of organizations, that's a bonus. If you don't trust the outside network, you certainly don't want to peer arbitrarily with them, and certainly not at any outside machine's initiative. With NAT, an outside system can't initiate connectivity with any machine inside the NAT boundary without some kind of prior arrangement, so no open-ended network scanning.

    That's what firewalls are for, not NAT. Please stop confusing the two.

  11. IP Theft from IP... by KitFox · · Score: 5, Interesting

    So what happens when the "copyright enforcement agencies" decide that somebody on that NAT IP has downloaded a movie and three strikes or something similar gets kicked in for the IP? (I know it's perfectly possible given port, IP, and Time to back-track a connection through a properly-logged NAT.Just an amusing side effect if somebody is dumb, and dumb happens a lot these days.)

    --

    @Whee

  12. Re:I recall MxStream by JDG1980 · · Score: 5, Insightful

    That will be a problem of the ISP then, if their customers can't use legitimate services because the ISP can't differentiate between the culprit and the innocent customers, the ISP has a problem. The ISP then has to have either a very good customer management which allows to disconnect culprits very fast without too many false positives, or the ISP has to introduce some kind of class ips, where the customers without complains share the "good ip", and customers with some bad stains get degraded to other, partly blacklisted IPs.

    Do you really think any ISPs are going to take on these kinds of responsibilities? You're expecting them to basically be moderators for every forum on the Internet. Aside from the fact that they *shouldn't* be doing this (they should be dumb pipes), they also don't *want* to do this because it's logistically impossible and would open them up to potential legal liability.

  13. Three birds with one stone by tepples · · Score: 4, Interesting

    That's what firewalls are for, not NAT. Please stop confusing the two.

    But they're not entirely orthogonal, as NAT imposes a firewall by default. It takes down three birds with one stone, namely delaying the effects of IPv4 depletion until an IPv6 rollout can be afforded, firewalling out those assumed to be unsavory, and upselling business class connections to home-based businesses. How would NAT be implemented without a firewall?

    1. Re:Three birds with one stone by mellon · · Score: 4, Insightful

      This is actually not true. Most NATs can be penetrated from the outside; they have to be able to be penetrated, or things like Skype don't work. Pretty much any UDP-based protocol requires that the NAT open holes. So the notion that NAT == Firewall is utterly incorrect, and in fact the feeling of security that you apparently have based on this misconception is likely to cause you harm in the future.

  14. Big Dumb Pipe by ThatsNotPudding · · Score: 5, Interesting

    There should be a Kickstarter campaign to create an ISP that is actually named Big Dumb Pipe with promises not to up sell, or offer 'cloud storage', or offer security suites to protect your snowflakes, or pretend to be a content creator, but merely provide access and up time, for they are only a Big Dumb Pipe (tm). Oh; and no caps or throttling.