
Requirements of Carrier Grade NAT (CGN)

draft-nishitani-cgn-00.txt

draft-shirasaki-isp-shared-addr-00.txt

NTT Communications Corporation

Shin Miyakawa


Tomohiro Nishitani



Agenda

  • Background

  • Concepts of CGN

  • Network design of CGN

  • Requirements for CGN

  • Impact of service using CGN

  • Conclusion


Background

  • Because of IPv4 address “completion”, allocating global IP addresses to CPEs is going to become difficult within a few years.

  • Basic strategy

    • The ISP builds a NAT and allocates (newly defined) private IP addresses to CPEs

    • We call this “Carrier Grade NAT (CGN)”.


Most conservative access model changes: introducing “Carrier-Grade NAT”

[Figure: two access models over FTTH / ADSL, side by side. Today: Internet, global v4 address, access concentrator, global v4 address, CPE with NAT, private v4 address, end host. With CGN: Internet, global v4 address, access concentrator with NAT, (newly defined) private v4 address, CPE with NAT, private v4 address, end host.]


We need new private space for CGN other than 240/4

  • Because we’d like to keep the CPE router as is, we cannot use 240.0.0.0/4 as CGN’s new private space.

    • Today’s IPv4 implementations simply do not work well with 240.0.0.0/4

    • If the CPE router firmware can be upgraded, it can be upgraded to be IPv6 compatible, which is far better.

  • “Dual stack lite” does not need this, but it requires CPE router replacement. This is the trade-off.

  • We are discussing these issues in

    • draft-shirasaki-isp-shared-addr-00.txt


It looks like v6 is not needed?

  • Please do not feel safe. CGN (and any other carrier-grade NAT scheme) has serious restrictions anyway.

  • This draft is compiled to make CGN as useful as possible, but please note well that IPv6 will be needed eventually.

    • Discussion will be presented at IAB Technical Plenary on Wednesday.


Concepts of CGN

  • Basic scheme

    • Sharing global IP addresses for CPEs

  • High transparency

    • No checking and altering application layer data

    • Dropping as little data as possible

  • High connectivity

    • Hairpinning

    • Using UDP/TCP hole punching

  • Fairness of communication for CPEs

    • Limiting ports and TCP sessions per CPE

  • High availability

  • High scalability

Targets of I.D-nishitani-cgn


Network design of CGN

[Figure: network design of CGN. Labels: LAN1 and LAN2 (private IP addresses); CPE1 and CPE2; WAN1 and WAN2 (private IP addresses); CGN1 and CGN2; NW (global IP addresses); STUN/TURN server. Annotations: hairpinning; UDP/TCP hole punching; CGN external IP address and port.]


Basic scheme

  • Sharing global IP address for CPEs

    • REQ-1: A CGN MUST allocate one external IP address to each CPE.

      a) The CGN external IP address for UDP, TCP and ICMP MUST be the same.


High transparency and high connectivity

  • To comply with the RFC and drafts which describe NAT behavior

    • REQ-7: A CGN SHOULD comply with [RFC4787] for unicast UDP.

    • REQ-8: A CGN SHOULD comply with [I-D.ietf-behave-tcp] for TCP.

    • REQ-9: A CGN SHOULD comply with [I-D.ietf-behave-nat-icmp] for ICMP.

  • To support DCCP, SCTP and IPsec ESP


Fairness to communicate for CPEs (1/2)

  • Limiting the number of CGN external UDP and TCP ports, TCP sessions and ICMP identifiers

    • REQ-2 c)

    • REQ-3 c)

    • REQ-3 e)

    • REQ-4 c)

  • Allocating dynamic ports for CGN external UDP and TCP ports (from 49152 through 65535)


Fairness to communicate for CPEs (2/2)

Exceptions of limiting ports and TCP sessions

  • REQ-5

    • Reserving UDP and TCP ports for always-available services

    • Examples of available services: POP3, SMTP, NTP, ...

  • REQ-6

    • To pass through the communication between CPEs and specific hosts

    • Examples of specific hosts: POP3 server, DNS server, Web server, ...


Impact of service using CGN

  • Effects of NAT functions

    • VPN, P2P, VoIP

    • No use of UPnP

  • Limiting the number of ports, TCP sessions and ICMP identifiers

    • Using many TCP sessions simultaneously

      • AJAX, Web site including rich content, P2P

    • Using many TCP sessions in short time

      • RSS reader

  • Sharing global IP addresses for CPEs

    • APIs which check only the IP address during authentication


Conclusion

  • Concepts of CGN

    • High transparency

    • High connectivity

    • Fairness of communication for CPEs

    • High availability

    • High scalability

  • Impact of service using CGN

    • Effects of NAT functions

    • Limiting the number of ports and ICMP identifiers

    • Sharing global IP addresses for CPEs


(Fairness to communicate for CPEs)

  • REQ-9 a)

    When a CGN cannot establish a new TCP/UDP session because of the per-user limit on TCP/UDP ports, the CGN sends an ICMP destination unreachable message with code 13 (Communication administratively prohibited) to the sender.
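
The fairness rules from the slides above (one shared external IP address for all protocols, external ports taken from 49152 through 65535, a per-CPE port limit, and ICMP code 13 when the limit is hit), as an added sketch that is not code from the slides or the drafts. The class and function names, the limit of 2, the per-protocol counting and the addresses are assumptions chosen for illustration.

```python
DYNAMIC_PORTS = range(49152, 65536)      # external port range named on the slide
ICMP_ADMIN_PROHIBITED = (3, 13)          # destination unreachable, code 13

class CGN:
    """Toy CGN mapping table: one shared external IP, per-CPE port cap."""

    def __init__(self, external_ip, max_ports_per_cpe):
        self.external_ip = external_ip               # same for UDP and TCP
        self.max_ports = max_ports_per_cpe           # assumed operator policy
        self.free = {p: list(DYNAMIC_PORTS) for p in ("udp", "tcp")}
        self.bindings = {}                           # (proto, cpe, src_port) -> ext port
        self.in_use = {}                             # (proto, cpe) -> ext ports held

    def translate(self, proto, cpe_ip, src_port):
        """Return ("map", ext_ip, ext_port) or ("icmp", type, code)."""
        key = (proto, cpe_ip, src_port)
        if key in self.bindings:                     # known endpoint reuses its mapping
            return ("map", self.external_ip, self.bindings[key])
        if self.in_use.get((proto, cpe_ip), 0) >= self.max_ports:
            return ("icmp",) + ICMP_ADMIN_PROHIBITED # per-CPE limit reached
        if not self.free[proto]:
            raise RuntimeError("external port pool exhausted")  # not covered by the slides
        ext_port = self.free[proto].pop(0)
        self.bindings[key] = ext_port
        self.in_use[(proto, cpe_ip)] = self.in_use.get((proto, cpe_ip), 0) + 1
        return ("map", self.external_ip, ext_port)

    def release(self, proto, cpe_ip, src_port):
        """Free a mapping when its session ends or times out."""
        ext_port = self.bindings.pop((proto, cpe_ip, src_port), None)
        if ext_port is not None:
            self.free[proto].append(ext_port)
            self.in_use[(proto, cpe_ip)] -= 1

def demo():
    """Constructed scenario: a busy CPE and a quiet CPE behind one address."""
    cgn = CGN("192.0.2.1", max_ports_per_cpe=2)
    busy = [cgn.translate("tcp", "10.0.0.2", p) for p in (40000, 40001, 40002)]
    quiet = cgn.translate("tcp", "10.0.0.3", 40000)
    cgn.release("tcp", "10.0.0.2", 40000)
    retry = cgn.translate("tcp", "10.0.0.2", 40002)
    return busy, quiet, retry
```

In the constructed scenario the busy CPE's third session is refused while the quiet CPE is still served, and both appear to the outside as 192.0.2.1, which is why a service that checks only the source IP address cannot tell the two CPEs apart.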

