nanog mailing list archives

RE: NAT444 or ?


From: Leigh Porter <leigh.porter () ukbroadband com>
Date: Thu, 8 Sep 2011 08:48:16 +0000



-----Original Message-----
From: Owen DeLong [mailto:owen () delong com]
Sent: 08 September 2011 01:22
To: Leigh Porter
Cc: Seth Mos; NANOG
Subject: Re: NAT444 or ?

Considering that offices, schools etc regularly have far more than 10
users per IP, I think this limit is a little low. I've happily had
around 300 per public IP address on a large WiFi network, granted these
are all different kinds of users, it is just something that operational
experience will have to demonstrate.

Yes, but, you are counting individual users whereas at the NAT444
level, what's really being counted is end-customer sites not individual
users, so the term "users" is a bit misleading in the context. A given
end-customer site may be from 1 to 50 or more individual users.

Indeed, my users are using LTE dongles mostly so I expect they will be single users. At the moment on the WiMAX network 
I see around 35 sessions from a WiMAX modem on average rising to about 50 at peak times. These are a combination of 
individual users and "home modems".

We had some older modems that had integrated NAT that was broken and locked up the modem at 200 sessions. Then some old 
base station software died at about 10K sessions. So we monitor these things now.



I would love to avoid NAT444, I do not see a viable way around it at
the moment. Unless the Department of Work and Pensions release their /8
that is ;-)


The best mitigation really is to get IPv6 deployed as rapidly and
widely as possible. The more stuff can go native IPv6, the less depends
on fragile NAT444.

Absolutely. Even things like Google Maps, if that can be dumped on v6, it'll save a load of sessions from people. The 
sooner services such as Microsoft Update turn on v6 the better as well. I would also like the CDNs to be able to 
deliver content in v6 (even if the main page is v4) which again will reduce the traffic that has to traverse any NAT. 

Soon, I think content providers (and providers of other services on the 'net) will roll v6 because of the performance 
increase as v6 will not have to traverse all this NAT and be subject to session limits, timeouts and such.

--
Leigh

