8

I was just reading How bad is IPv4 address exhaustion really? and noticed this comment, which seems to imply that carrier grade NAT is actually widely deployed. I was always under the impression that very few ISPs deployed carrier grade NAT and instead just bit the bullet and deployed IPv6 (though now that I think about it I don't know where I got that idea from).

Is that not the case?

strugee
  • 901
  • 10
  • 25
  • 3
    CGN is pretty widely deployed by small to medium ISPs for residential customers because they are hoarding their precious pool of public IPv4 addresses for business customers willing to pay for the privilege. The use is growing. – Ron Maupin Feb 02 '18 at 01:31
  • Some of the biggest ISPs are actually rolling out IPv6, and the home router vendors have that built in now, so I have actually come across people using IPv6 without even knowing it. Comcast, AT&T, Verizon, etc. all have very extensive IPv6 deployments. Just about all the U.S.-based 4G LTE runs on IPv6. – Ron Maupin Feb 02 '18 at 02:11
  • 3
    Even Comcast has begun deploying large scale NAT (I refuse to call something that makes the Internet less reliable "carrier grade"), but they deployed IPv6 first. – Michael Hampton Feb 02 '18 at 02:48
  • Comcast uses Ds-lite so you don't get an actual ipv4 address until your exiting their AFTR, traffic between you at them is all v6 – Jacob Evans Feb 02 '18 at 03:22
  • 3
    @JacobEvans This was not the case when I had Comcast up to a year ago; it was all native dual stack. AFAIK they ran a DS-Lite trial several years ago but never rolled it out to any significant degree. – Michael Hampton Feb 02 '18 at 18:20
  • Basically you can't run IPv6-only without some form of CGNAT, because too many services are still IPv4-only. – TJJ Nov 13 '19 at 22:54

3 Answers3

5

My experience in the UK:

Pretty much all mobile networks have been running "CGN" for years. EE (our largest mobile network) is now starting to deploy (AIUI it's postpaid only at the moment) IPv6 only with NAT64 motivated by shortages of private address space.

Some of the smaller/newer fixed-line providers (for example hyperoptic) are also using "CGN" because of IPv4-availability issues. The big providers still seem to be mostly handing out public IPv4 (sometimes with dual-stack IPv6, sometimes without) though I understand they are considering their options for post-runout service.

A SKY (one of our largest ISPs) engineer said in a uknof talk that they tried CGN and found it an expensive option and that this was what allowed the engineers to convince the bean counters to deploy IPv6. I heard rumours they are considering 464XLAT (NAT64 in the ISP network, NAT46 in the CPE) for the residual IPv4 traffic but I can't confirm that.

Peter Green
  • 4,056
  • 10
  • 29
2

In germany most if not all mobile carriers use CGNAT.

On the other hand it seems that most DSL customers get an IPv4 and since a year or two there are quite a few ISPs who started to use full dual stack handing out prefixed betweet /56 and /48.

allo
  • 1,524
  • 1
  • 19
  • 35
1

It's fairly widely deployed. My local ISP (a WISP specializing in serving rural customers in the USA) offers only CGNAT connections.

It is widely used in Europe, where the IPv4 address shortage has hit a couple years before it hit the USA. Europol (the European police agency) has called on ISPs to discontinue CGNAT because it prevents tracing IP addresses back to the end user.

Germany's Unitymedia uses DS-Lite (DS=dual-stack). It uses a variation of CGNAT. The end user gets a standard IPv6 network, and IPv4 traffic (which of course is the vast majority of traffic) runs through an IPv6 tunnel and is fed into the IPv4 Internet somewhere within Unitymedia.

Kevin Keane
  • 860
  • 1
  • 8
  • 13
  • 1
    Actually by traffic volume IPv4 may not be as "vast majority" as you think. While a depressingly small percentage of websites are IPv6 enabled a small number of sites (youtube, netflix etc) often account for a surprising proportion of traffic. – Peter Green May 24 '18 at 16:56