On Fri, Nov 22, 2013 at 5:12 PM, Warren Kumari <warren@xxxxxxxxxx> wrote:
So, something that has always confused me abut the CGN deployment discussions and scaling is the number of customers (victims?!) that people want to put behind an IP…
On Nov 22, 2013, at 6:11 PM, Ted Lemon <ted.lemon@xxxxxxxxxxx> wrote:
> On Nov 22, 2013, at 2:29 PM, Phillip Hallam-Baker <hallam@xxxxxxxxx> wrote:
>> They will scale fine just like the dialup pools have scaled fine.
>
> Dialup pools are stateless. CGNs are stateful. They do not scale the same way. This is not to say that you _can't_ scale CGNs—
If you are an operating ISP with e.g a /18 you can have ~16,000 customers[0]. Great, you are still growing, and want to add another 10,000 users, good for you.
For some reason at this point many ISPs start talking about putting on the order of 100s of users behind an IP, then the discussion turns into port starvation and scaling and such…
What's wrong with putting 2 users behind each IP? Are you really planning on doubling your size *before* significant advances in v6 deployment and CGN scaling come about? Yes? Ok, so put 4 users behind one IP (note, I did not say "device") -- are you really planning on quadrupling in the next few years? And if so, are you hiring? :-P
Sharing a single IP among a group of users is clearly not optimal as the probability of contention is much higher than sharing a pool of IP among a group of users. But assuming you are saying an average of n users per IP, I don't think that is going to be much of a problem. A 16 IP address pool should be able to support 2048 customers without anyone noticing much. That would almost certainly be enough to stretch the remaining IPv4 addresses to cover the transition needs.
Seriously, I don't get the "If we deploy CGN's we have to cram as many users behind one address as possible…" bit -- can anyone enlighten me?
I've run some big NATs (for example, for AOL's corporate network) and yes it sucks, but you can minimize your (and your customer's) pain by overloading as little as possible….
Sure, fair 'nuff, no argument here….
> it's just easier to scale stateless-core NATs. I say this based on zero operational experience, of course... :)
W
[0]: Yes, yes, handwave, handwave, packing issues, infrastructure space, etc. Been there, run a network… Skipping all that for easy of discussion.
--
There were such things as dwarf gods. Dwarfs were not a naturally religious species, but in a world where pit props could crack without warning and pockets of fire damp could suddenly explode they'd seen the need for gods as the sort of supernatural equivalent of a hard hat. Besides, when you hit your thumb with an eight-pound hammer it's nice to be able to blaspheme. It takes a very special and straong-minded kind of atheist to jump up and down with their hand clasped under their other armpit and shout, "Oh, random-fluctuations-in-the-space-time-continuum!" or "Aaargh, primitive-and-outmoded-concept on a crutch!"
-- Terry Pratchett
Website: http://hallambaker.com/