Hey Guys,
I just want to bring up a topic called "CG NAT", which most users do not know about.
Before going into the topic, let me give a short introduction to NAT.
What is NAT:
NAT stands for network address translation. It’s a way to map multiple local private addresses to a public one before transferring the information. Organizations that want multiple devices to employ a single IP address use NAT, as do most home routers.

There are multiple types of NAT, such as Static NAT, Dynamic NAT, and PAT.
Here I will discuss CG NAT.
What is CG NAT:
Way back in the early days of the internet (the 1980s) every connected computer was intended to have its own unique public IP address. IP addressing was originally defined by four octets—four groups of eight bits, a standard called IPv4—which resulted in over four billion unique values (actually, 4,294,967,296), so at the time it seemed we’d never run out.
By the late 1980s, however, it became apparent that the dramatic adoption rate of the internet would eventually deplete this large pool of addresses. IPv6 was envisioned as a successor protocol to IPv4 and would solve the limited address space. However, IPv6 was not made to be backward compatible, so the problem of limited addresses still became an issue. Carrier-Grade NAT (CGNAT) was created as a solution to address this problem, primarily for service providers.
As a result, service providers, including ISPs, broadband cable, and mobile operators, soon required technology to stretch the limited pool of public IP addresses even further and to meet some unique performance and feature requirements. The IETF Network Working Group began analyzing this problem and, beginning in 2009, published a series of “Requests for Comments” (RFCs) to enhance traditional network address translation (NAT).
The IETF RFCs provided recommendations and identified deployment limitations and requirements for “carrier-grade NAT”, also called large-scale NAT (LSN) or NAT444. Today, carrier-grade NAT (CGNAT) is a mature technology whose operation is well standardized by IETF RFCs and draft documents.

While standard NAT translates a private IPv4 address to a public IPv4 address, Carrier-Grade NAT (CGNAT) adds an additional translation layer. This allows ISPs to preserve their own public IPv4 addresses, process subscriber traffic through the service provider’s private IPv4 network, and support subscribers or businesses that also have their own private IPv4 networks and multiple locations or devices. Typically, Carrier-Grade NAT (CGNAT) is used in a NAT444 scenario, which translates:
(Customer) Private IPv4 to (ISP) Private IPv4 network address
(ISP) Private IPv4 network address to (ISP) Public IPv4 network address, for connection to the internet
The result of a NAT444 (private to private to public) deployment is that multiple customer networks, each with their own internal network address space, can route through the ISP’s internal network address space and share the ISP’s single public IPv4 address for access to the Internet.
The diagram below shows a deployment of NAT444 (private, private, public) with three customer networks all using the same internal IPv4 address space with external IPv4 addresses that are private to the ISP sharing a single public IPv4 address.

Advantages of Carrier-Grade NAT:
IP was originally designed according to the end-to-end principle for networking. This means that application protocols may expect to communicate directly between hosts without intermediate systems modifying the packet headers or payload. As NAT modifies the IP addresses at the very least and sometimes alters other protocol headers and payloads, NAT can break the communications. Carrier-Grade NAT (CGNAT) solves this and other problems associated with using traditional NAT at scale with the inclusion of the following capabilities:
Application-level gateway (ALG) was developed to solve the problem of NAT servers breaking communications. Based on proxy server technology, ALGs intelligently modify necessary application protocol headers and payloads to conform to the protocol being routed by the NAT.
Endpoint-Independent Mapping (EIM), Endpoint-Independent Filtering (EIF), and hairpinning provide transparent NAT connectivity. Traditional NAT implementations do not allow any traffic that is initiated from the outside (EIM, EIF) or for protocols that need to hairpin, i.e. loop their traffic back to the inside.
Thanks for reading this.
Sources: Wikipedia and a10networks
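
The NAT444 deployment described in the post (three customer networks reusing the same internal address space behind one shared public address), modelled as a small simulation. This is an added example, not part of the original post or its sources; the class and function names, the sequential port allocation, the 100.64.0.0/10 range (the RFC 6598 shared address space, assumed here as the ISP-private network) and the public address 203.0.113.10 (documentation range) are assumptions.

```python
import ipaddress
from itertools import count

CGN_SHARED = ipaddress.ip_network("100.64.0.0/10")  # assumed ISP-private range (RFC 6598)
PUBLIC_IP = "203.0.113.10"                          # constructed, documentation range

class Napt:
    """Port-translating NAT: (inside ip, port) -> (outside ip, allocated port)."""

    def __init__(self, outside_ip, first_port=1024):
        self.outside_ip = outside_ip
        self._ports = count(first_port)  # sequential allocation, a simplification
        self.out = {}                    # (in_ip, in_port) -> (out_ip, out_port)
        self.back = {}                   # out_port -> (in_ip, in_port)

    def translate(self, ip, port):
        key = (ip, port)
        if key not in self.out:          # an existing flow keeps its mapping
            ext = next(self._ports)
            self.out[key] = (self.outside_ip, ext)
            self.back[ext] = key
        return self.out[key]

def build_nat444(n_customers=3):
    """One customer router per network, each with an ISP-private WAN address, plus one CGN."""
    hosts = iter(CGN_SHARED.hosts())
    cpes = {f"customer{i}": Napt(str(next(hosts))) for i in range(1, n_customers + 1)}
    return cpes, Napt(PUBLIC_IP)

def send(cpes, cgn, customer, ip, port):
    """Customer private -> ISP private -> ISP public."""
    isp_private = cpes[customer].translate(ip, port)
    return cgn.translate(*isp_private)

def attribute(cpes, cgn, public_port):
    """Walk both mapping tables backwards: public port -> (customer, host, port)."""
    isp_ip, isp_port = cgn.back[public_port]
    for name, cpe in cpes.items():
        if cpe.outside_ip == isp_ip:
            return (name, *cpe.back[isp_port])
    raise KeyError(public_port)

if __name__ == "__main__":
    cpes, cgn = build_nat444()
    for c in cpes:  # same internal address and port in every customer network
        print(c, "192.168.1.10:50000 ->", send(cpes, cgn, c, "192.168.1.10", 50000))
    print("public port 1025 belongs to", attribute(cpes, cgn, 1025))
```

All three flows leave with the same public address, so the address alone does not identify a customer; the translated source port is what selects the mapping on the way back.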




