CGNAT is a large-scale protocol that applies NAT, the IP address translator, directly to an operator’s network, and is a response to the exhaustion of IPv4 addresses. However, the format creates problems for the structure and security of the worldwide network. Learn what CGNAT is and why it is not an ideal format for the internet.
What is it?
To understand what CGNAT is, you must first know NAT, or Network Address Translation. This is a protocol that allows addresses of an internal network, which in theory are closed, to communicate with the internet.
How NAT works
When the worldwide computer network became popular, it created a scaling problem for corporate networks: their nodes (computers) could not connect to it to exchange information with external terminals, because their IP addresses are incompatible with those used over the Internet.
Requests are sent out by the router, which has a global IP, but when packets came back it was necessary to identify which machine the request had originated from. This is where NAT comes in: it maps the network points and identifies each of them through the local port and IP. With this data, it uses a hash table to generate a 16-digit code, which is the IP of an internet terminal.
NAT is also used in home networks: your mobile phone, computer, video game, TV and smart devices each have a hash-generated IP to communicate with the internet, while the router concentrates all data requests.
Carrier-Grade Network Address Translation (CGNAT) is the NAT protocol applied not to the user’s or a company’s router, but directly to the provider’s network. It is a large-scale tool for dealing with a critical problem: IPv4 exhaustion.
Because the protocol uses 32-bit logical addresses, it allows a maximum of 4.29 billion devices connected to the Internet, and currently there are no more addresses available to be allocated; very soon, all positions will be occupied simultaneously.
The IPv6 protocol uses 128 bits, so it supports up to 340 simultaneous addresses (34 followed by 36 zeros), but migrating all IPv4 addresses to the new format would take a long time. For this reason, operators began to use NAT directly on their networks, which is CGNAT.
It is an intermediate layer between the user and the internet, which assigns the same public IPv4 address to multiple private connections at the same time, directing each point (user) through different ports.
It’s actually a big kludge, which allows operators to keep using the old addresses they have for longer, until the conversion to IPv6 is complete.
Network experts claim that CGNAT is harmful to the internet because it violates one of the basic principles of the network, which is point-to-point connection. Under that principle, each user has an easily identifiable unique address, which is not the case when NAT is applied to users, causing multiple users to share the same IPv4 address.
Because direct user identification is more complex than it should be, a CGNAT network can bring complications to various services that the consumer uses, such as streaming, P2P services, online games, VoIP, and any other service that relies on a single address.
Another major problem generated by CGNAT is convenience. Although it was adopted as a temporary alternative until the migration to IPv6 was completed, its adoption ended up hindering that process, because the half-assed protocol “works”, which companies take as a way of saving money on infrastructure.
Thus, these companies keep putting off IPv6, getting by with CGNAT while keeping IPv4 on life support, however harmful this may be to the internet as a whole and to users, just because the NAT applied to the network allows it.
The difficulty in identifying a user by IP can lead to malicious users committing digital crimes, and CGNAT ends up being a facilitator. Ideally, the protocol should be just a patch and not a long-term solution.
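The sketch below is an added example, not part of the original article. It models the port-based sharing described above and shows what an abuse or incident-response lookup needs in order to tie traffic back to one subscriber. It assumes the operator logs port-block leases; the record layout, field names and all sample values are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class Mapping:
    """One CGNAT translation log record (hypothetical layout)."""
    start: datetime
    end: datetime
    private_ip: str   # subscriber side, RFC 6598 shared address space
    public_ip: str    # public IPv4 address shared by many subscribers
    port_lo: int      # first public source port leased to the subscriber
    port_hi: int      # last public source port leased to the subscriber

def ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")

# Constructed sample log: three subscribers behind one public address
# (203.0.113.7 is a documentation address, RFC 5737).
LOG = [
    Mapping(ts("2024-05-01 10:00:00"), ts("2024-05-01 12:00:00"),
            "100.64.0.10", "203.0.113.7", 1024, 2047),
    Mapping(ts("2024-05-01 10:30:00"), ts("2024-05-01 11:30:00"),
            "100.64.0.11", "203.0.113.7", 2048, 3071),
    Mapping(ts("2024-05-01 12:05:00"), ts("2024-05-01 14:00:00"),
            "100.64.0.12", "203.0.113.7", 1024, 2047),
]

def candidates(log, public_ip, when, port=None):
    """Return the private IPs that could have sent traffic from public_ip
    at `when`. Without the source port, every subscriber that was active
    on that address at that moment is a match."""
    hits = []
    for m in log:
        if m.public_ip != public_ip or not (m.start <= when <= m.end):
            continue
        if port is not None and not (m.port_lo <= port <= m.port_hi):
            continue
        hits.append(m.private_ip)
    return hits

if __name__ == "__main__":
    t = ts("2024-05-01 11:00:00")
    print("IP + time only:  ", candidates(LOG, "203.0.113.7", t))
    print("IP + time + port:", candidates(LOG, "203.0.113.7", t, 2500))
    # Same port, two hours later: the block has been leased to someone else.
    print("later, same port:",
          candidates(LOG, "203.0.113.7", ts("2024-05-01 13:00:00"), 1500))
```

For a service behind which CGNAT users appear, the practical consequence is that its own logs must record the client source port and an accurate timestamp alongside the IP address, otherwise the operator cannot narrow a report down to a single subscriber.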