1 / 20

Careful planning is for introducing NAT

Careful planning is for introducing NAT. Operational advice from real-world experience. its communications Inc. Hiroyuki Ashida. Aug 2009. Agenda. Introduction Technical Issues for introducing LSN Summary Operational Advice to provide LSN. Introduction: My Job. Company

lfermin
Download Presentation

Careful planning is for introducing NAT

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Careful planning is for introducing NAT Operational advice from real-world experience its communications Inc. Hiroyuki Ashida Aug 2009

  2. Agenda • Introduction • Technical Issues for introducing LSN • Summary • Operational Advice to provide LSN

  3. Introduction: My Job • Company its communications Inc. the biggest CATV operator in Japan • Service • TV Broadcast • Internet Access • Primary Phone • Jobs • Access network & Backbone design /construction / operation • Recent Interests • IPv6 deployment for CATV broadband access • ISP network operation before & after IPv4 address exhaustion • Evaluation of Internet reachability

  4. Service Areas Around here 30kmaround Area house holds 1,130K Connected TV: 610k NET: 135k Phone: 22k

  5. Why I’m talking about NAT? • We have been providing NATed access service • since 1998 (before issued IPv4 assignment guideline) • over 50,000 customers are using NATed access => We have experience of operation of ten years • Proposals about LSN, NAT444 LSN = Large Scale NAT (CGN,MUN) • JPOPM13, APNIC25 • IETF draft-shirasaki-isp-shared-addr draft-shirasaki-nat444-isp-shared-addr • Many ISPs examine introduction of LSN • 40-50% of ISPs in Japan • for IPv4 address exhaustion

  6. Scope of this presentation • Operational Advice of LSN from real-world experience • Technical and quantitative knowledge • Analysis actual equipment and traffic • Contents • Resource management (session number, size of storage) • Network design & Routing • Timing to deploy • Why? • We (our customer) will share an IPv4 address in the future • We will have provided our services with the enough quality • 2 years after !!

  7. Network model: NAT444 Internet v4(G) v6 ISP v4(G) v6 LSN(CGN) Any IPv4 Address CPE CPE CPE v4(P) v4(P) V4(P) + v6 http://www.ietf.org/proceedings/09mar/slides/opsarea-2/opsarea-2_files/v3_document.htm

  8. Technical Issue (1/5) port number ※ http://www.nttv6.jp/~miyakawa/IETF72/IETF-IAB-TECH-PLENARY-NTT-miyakawa-extended.pdf How many sessions we should provide?

  9. Session numbers in consumer broadband access • Regional POP • Night of the weekend • Uniq addresses: 7,300 observed TCP session about 360,000 session number Time [sec]

  10. Analysis by network size, area and speed Statistical Multiplexing No correlation with access speed Session number per one IP address Area Difference ? 160M HSD /24 All /22 area (2) area (1) ADSL FTTH

  11. Distribution of the port number (TCP) 80 445 log 135 443 25 It is reduced to half if NetBIOS is denied 110 Number of times session number Port number Time [sec]

  12. Conclusion of port numbers • Average of 50-300 sessions per one user  ⇒ different by a condition (area, block size) • If the block is small, there are many sessions per user (Statistical Multiplexing) • Difference by regions (the class of users?) • No correlation with access speed • It is reduced to half if NetBIOS is denied

  13. Technical Issue (2/5) Logging Storage • Bit size per one session: about 48bytes • Source IP Address + Port : 48bit • Destination IP Address + Port : 48bit • Translated IP Address + Port : 48bit • Time stamp: 64bit • Other information(status, information of NAT box, etc) • Actual observed flow(about 7,000 addresses) TCP: 171,378 flows, UDP: 458,491 flows ⇒ about 40GB? / day ⇒ about 14TB? / year

  14. Technical Issue (3/5) Routing The Internet The Internet IPv4 Global IPv4 NATed (Private) Default Policy Routing To LSN IPv4 Global IPv4 NATed (Private) Separate Mixed

  15. Technical Issue (4/5) IP address ISPs usually use 10/8 Global Internet Default of most residential router is 192.168.x.x 10.x.x.x 10.x.x.x ISP Network Home Network 192.168.x.x 10.x.x.x

  16. Can ISPs use 10/8 for NAT? • Reserved for infrastructure • DOCSIS cable modems • VoIP Terminals • etc • Customer already use them • Enterprise customers • VPNservice 10.2.0.0/16 ISP 10.1.0.0/16

  17. Communications between customers SrcIP = Global access alloed The Internet IPv4 Global IPv4 NATed (Private) SrcIP = 10/8? access denied

  18. Technical Issue (5/5) Time of Launch ONE IPv4 address is shared by N users using LSN ⇒ Address consumption speed slows down 1/N Address Consumption Launch LSN time

  19. Address pool and Launch Timing • Current: 1,000 addresses /month • After Launch LSN: 50 users share one address ⇒ 20 addresses / month Available addresses remain of NAT pool /24 (256) 12 months /22 (1024) 50 months /21 (2048) 100 months Do you degrade of the existing service? Do you purchase the IP address?

  20. Summary: Technical Issues & Point of design • Management port number • We should focus on behavior of our customers • Hardly? Gently? • Many users share a large block • Effectively statistical multiplexing • Routing • Policy routing is used many depending on topology • IP address, Timing to deploy • If you can use 10/8, you should understood that some problems may occur. • You should reserve enough addresses for the translation.

More Related