Network Address Translation
NAT technology is not a transition mechanism to IPv6
Network Address Translation (NAT) technology is a workaround to extend the lifetime of IPv4 addresses. NAT allows organizations to extend their addresses to more devices by using private IPv4 address space, and APNIC recognises this is an operational reality for many network operators due to IPv4 exhaustion.
However, using NAT platforms such as Carrier Grade NAT (CGN) and Large Scale NAT (LSN) to provide IPv4-to-IPv4 connectivity should not be considered a transition mechanism to IPv6, as NAT simply prolongs IPv4 address usability while an IPv6 transition strategy is completed.
NATs have issues
Network operators must be mindful that NAT devices are expensive and can be difficult to scale for large networks, as the number of available ports per customer is restricted. NATs also:
- Break the end-to-end model of IP addressing
- Impact end-to-end security
- Introduce serious consequences for lawful intercept
- Force upgrades to applications that are not NAT-friendly
- Make fast re-routing and multihoming difficult
- Increase behavioural, security and liability implications when sharing IPv4 addresses among multiple users.
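The port restriction and the shared-address attribution problem listed above can be made concrete with a short model. This is an added example, not APNIC code: it assumes a deterministic port-block scheme, and the sharing ratio, address ranges and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample values (documentation and shared address space ranges).
PUBLIC_POOL = ["203.0.113.1", "203.0.113.2"]            # CGN public addresses
SUBSCRIBER_NET = ipaddress.ip_network("100.64.0.0/24")  # inside addresses
FIRST_PORT = 1024          # well-known ports are not handed out
SHARING_RATIO = 128        # subscribers per public IPv4 address (assumed)

def ports_per_subscriber(ratio=SHARING_RATIO):
    """Size of each subscriber's port block at a given sharing ratio."""
    return (65536 - FIRST_PORT) // ratio

def allocate(subscriber_ip):
    """Return (public_ip, first_port, last_port) for an inside address."""
    idx = int(ipaddress.ip_address(subscriber_ip)) - int(SUBSCRIBER_NET.network_address)
    if not 0 <= idx < len(PUBLIC_POOL) * SHARING_RATIO:
        raise ValueError("subscriber outside the provisioned pool")
    block = ports_per_subscriber()
    start = FIRST_PORT + (idx % SHARING_RATIO) * block
    return PUBLIC_POOL[idx // SHARING_RATIO], start, start + block - 1

def attribute(public_ip, src_port=None):
    """Map what a remote server logged back to inside addresses.

    Returns a list: one address when the source port was logged, every
    subscriber sharing the public address when it was not.
    """
    if public_ip not in PUBLIC_POOL:
        return []
    base = PUBLIC_POOL.index(public_ip) * SHARING_RATIO
    first = int(SUBSCRIBER_NET.network_address) + base
    if src_port is None:
        return [str(ipaddress.ip_address(first + i)) for i in range(SHARING_RATIO)]
    if not FIRST_PORT <= src_port <= 65535:
        return []
    offset = (src_port - FIRST_PORT) // ports_per_subscriber()
    return [str(ipaddress.ip_address(first + offset))]

if __name__ == "__main__":
    print(ports_per_subscriber(), "ports per subscriber at 1:%d" % SHARING_RATIO)
    print(allocate("100.64.0.130"))
    print(attribute("203.0.113.2", 2100))   # source port logged
    print(len(attribute("203.0.113.2")))    # source port missing
```

A server log that records only the public address cannot separate the subscribers behind it, so logs used for abuse handling need the source port and an accurate timestamp as well.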
APNIC recommends service providers deploy IPv6 alongside NAT technology to ensure business continuity. Service providers who rely solely on NAT and do not deploy IPv6 will likely need to continually revisit and resolve the same network scaling problems as their customer base continues to expand.
Deploying CGN or LSN in IPv4-only networks will likely create “double NATed” environments as most Customer Premises Equipment already uses NAT functionality. This further increases the complexity of networks and can compound the negative impacts.
To reduce the network reliance on NAT, operators need to transition to IPv6.