Solving CGNAT problems?

  • 4 December 2022


AFAICT my T-Mobile Internet router connects to a CGNAT DMZ, and every time I connect to a network service I do so from what appears to that service to be a different IPv4 address. There seem to be exceptions, however, for some known protocols - I’ve had an SSH session up for several consecutive days. So one CAN obtain a static IP address for things like VPNs and SSH, but the protocol has to be well-known. Therefore, questions:

  1. Is there an IPv4 packet flag that says “this session needs a static IP address” to routers along the way? Routers are already reading the port assignments in order to determine “oh, that’s SSH, better make this static.” Is there a packet flag one can set?
  2. If I turned off IPv4 and just used IPv6 would the CGNAT DMZ provide a static address, since I wouldn’t need to be sharing IPv4 addresses any more?

2 replies


Just because you have a session for days, it does not mean that the IP didn't change. Think of it. If you think having your WAN IP means your internet goes down every time, they would get sued.


I have done a bit of research on the topic. I use whatismyipaddress.com from time to time to see when the IP address has changed and, well, it is not all the time, but it does change more often than one might think. Some users have seen the IPv4 addressing change much too frequently, so it is vulnerable to mistakes, it seems. The use of 464XLAT and NAT64 & DNS64 seems to go with the T-Mobile solution, and there is nothing much we can do about it. The problem also comes down to factors well beyond T-Mobile’s control. When software vendors continue to use IPv4 vs moving forward with IPv6, such migration strategies are required. If all applications used IPv6, many of the problems would be resolved. Some would argue that there are plenty of IPv4 addresses still available, but the driving factor in that is cost. Sure, rights to IPv4 address blocks can be bought, but deployment with IPv6 is much lower cost and the supply of IPv6 addresses is vast in comparison. The ongoing explosion of IoT devices will just continue.

You can’t avoid specific legacy platforms or vendors that built and maintain their operations on IPv4 literals. If they do not run IPv6, there has to be a translation to get between the IPv4 and IPv6 addressing. The reality is that IPv6 without translations is faster and easier to deploy than having to deal with port translations that add more complexity and processing for the translations. Sure, you can buy IPv4 addresses or possibly lease them, but it is not cheap. Some users work around the 464XLAT with VPN solutions, and some VPNs are better than others, but the more control you want/need, the more it costs. T-Mobile might offer business services with static addressing. The 5G cellular solution is not the “can do anything” solution for general home users. If users need IPv4 static addresses and port forwarding etc…, then other vendors are happy to provide service at a higher price. I think it is forward looking on T-Mobile’s initiative to have the IPv6 migration plans in place and have the experience that comes with it. Those who build for tomorrow tend to win.
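The NAT64/DNS64 translation mentioned in the reply above works by embedding the IPv4 destination inside an IPv6 address, in the layout RFC 6052 defines. The following Python is an added example, not part of the original posts: it builds and reverses that mapping for every prefix length the RFC allows, and refuses to place non-global IPv4 (RFC 1918 or the 100.64.0.0/10 CGNAT range) under the well-known prefix. The names `WKP`, `synthesize` and `extract` are this example's own, and the addresses are sample values.

```python
import ipaddress

WKP = "64:ff9b::/96"  # RFC 6052 well-known NAT64 prefix


def _v4_offsets(plen):
    """Byte offsets that carry the IPv4 address; octet 8 ('u') is reserved."""
    if plen not in (32, 40, 48, 56, 64, 96):
        raise ValueError(f"RFC 6052 does not allow a /{plen} prefix")
    return [i for i in range(plen // 8, 16) if i != 8][:4]


def synthesize(v4, prefix=WKP):
    """Embed an IPv4 address in a NAT64 prefix, as DNS64 does for an A record."""
    v4 = ipaddress.IPv4Address(v4)
    net = ipaddress.IPv6Network(prefix)
    # RFC 6052 sec. 3.1: the well-known prefix must not carry non-global
    # IPv4 addresses (RFC 1918, 100.64.0.0/10 shared CGNAT space, ...).
    if net == ipaddress.IPv6Network(WKP) and not v4.is_global:
        raise ValueError(f"{v4} is not global; refusing to map it into {WKP}")
    raw = bytearray(net.network_address.packed)
    for off, octet in zip(_v4_offsets(net.prefixlen), v4.packed):
        raw[off] = octet
    return ipaddress.IPv6Address(bytes(raw))


def extract(v6, prefix=WKP):
    """Recover the embedded IPv4 address, or None if v6 is outside the prefix."""
    v6 = ipaddress.IPv6Address(v6)
    net = ipaddress.IPv6Network(prefix)
    if v6 not in net:
        return None
    offsets = _v4_offsets(net.prefixlen)
    return ipaddress.IPv4Address(bytes(v6.packed[i] for i in offsets))


if __name__ == "__main__":
    # Sample values: a public resolver address and the RFC 6052 documentation case.
    print(synthesize("8.8.8.8"))                          # well-known prefix
    print(synthesize("192.0.2.33", "2001:db8:100::/40"))  # network-specific prefix
    print(extract("64:ff9b::808:808"))
```

A host that sees AAAA answers inside `64:ff9b::/96` for names that only publish A records is behind DNS64; an application that connects to an IPv4 literal never makes that DNS query, which is why 464XLAT adds a client-side translator.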
