More Web Proxy on the site http://driver.im/

research-article

Public Access

A Multi-perspective Analysis of Carrier-Grade NAT Deployment

Authors:

Philipp Richter,

Florian Wohlfart,

Narseo Vallina-Rodriguez,

Christian Kreibich,

Nicholas Weaver,

Vern PaxsonAuthors Info & Claims

IMC '16: Proceedings of the 2016 Internet Measurement Conference

Pages 215 - 229

https://doi.org/10.1145/2987443.2987474

Published: 14 November 2016 Publication History

Abstract

As ISPs face IPv4 address scarcity they increasingly turn to network address translation (NAT) to accommodate the address needs of their customers. Recently, ISPs have moved beyond employing NATs only directly at individual customers and instead begun deploying Carrier-Grade NATs (CGNs) to apply address translation to many independent and disparate endpoints spanning physical locations, a phenomenon that so far has received little in the way of empirical assessment. In this work we present a broad and systematic study of the deployment and behavior of these middleboxes. We develop a methodology to detect the existence of hosts behind CGNs by extracting non-routable IP addresses from peer lists we obtain by crawling the BitTorrent DHT. We complement this approach with improvements to our Netalyzr troubleshooting service, enabling us to determine a range of indicators of CGN presence as well as detailed insights into key properties of CGNs. Combining the two data sources we illustrate the scope of CGN deployment on today's Internet, and report on characteristics of commonly deployed CGNs and their effect on end users.

References

[1]

Netalyzr for Android. Google Play. https://play.google.com/store/apps/details?id=edu.berkeley.icsi.netalyzr.android.

[2]

A. Tabdili. Carrier Grade NAT: Requirements and Challenges in the Real World . http://www.menog.org/presentations/menog-10/Amir%20Tabdili%20-%20Carrier%20Grade%20NAT.pdf.

[3]

A10 Networks. Carrier Grade NAT (CGN) Deployment Guide. https://www.a10networks.com/sites/default/files/resource-files/A10-DG-Carrier_Grade_NAT_%28CGN%29_Large_Scale_NAT_%28LSN%29.pdf.

[4]

S. Alcock, R. Nelson, and D. Miles. Investigating the Impact of Service Provider NAT on Residential Broadband Users. TR, University of Waikato, 2010.

[5]

APNIC Labs. Customers per AS Measurements. Description: https://labs.apnic.net/?p=526 Dataset: http://stats.labs.apnic.net/aspop.

[6]

F. Audet and C. Jennings. Network Address Translation (NAT) Behavioral Requirements for Unicast UDP. RFC 4787 (Best Current Practice), January 2007. Updated by RFCs 6888, 7857.

[7]

S. M. Bellovin. A Technique for Counting NATted Hosts. In IMW, 2002.

Digital Library

[8]

BitTorrent.org. DHT Protocol (BEP-05). http://www.bittorrent.org/beps/bep_0005.html.

[9]

E. Bocchi, A. S. Khatouni, S. Traverso, A. Finamore, V. D. Gennaro, M. Mellia, M. Munafo, and D. Rossi. Impact of Carrier-Grade NAT on Web Browsing. In IWCMC, 2015.

[10]

M. Boucadair, R. Penno, and D. Wing. Universal Plug and Play (UPnP) Internet Gateway Device - Port Control Protocol Interworking Function (IGD-PCP IWF). RFC 6970 (Proposed Standard), July 2013.

[11]

M. Butkiewicz, H. V. Madhyastha, and V. Sekar. Understanding Website Complexity: Measurements, Metrics, and Implications. In IMC, 2011.

Digital Library

[12]

Cisco. NAT Administration Guide, StarOS Release 17. http://www.cisco.com/c/dam/en/us/td/docs/wireless/asr_5000/17-0/PDF/17-NAT-Admin.pdf.

[13]

Cymru. Ephemeral Source Port Selection Strategies. https://www.cymru.com/jtk/misc/ephemeralports.html.

[14]

J. Czyz, M. Allman, J. Zhang, S. Iekel-Johnson, E. Osterweil, and M. Bailey. Measuring IPv6 Adoption. In ACM SIGCOMM, 2014.

Digital Library

[15]

L. D'Acunto, J.A. Pouwelse, and H.J. Sips. A measurement of NAT & Firewall Characteristics in Peer to Peer Systems. In ASCI, 2009.

[16]

L. DiCioccio, R. Teixeira, M. May, and C. Kreibich. Probe and Pray: Using UPnP for Home Network Measurements. In PAM, 2012.

Digital Library

[17]

C. Donley, L. Howard, V. Kuarsingh, J. Berg, and J. Doshi. Assessing the Impact of Carrier-Grade NAT on Network Applications. RFC 7021 (Informational), September 2013.

[18]

K. Egevang and P. Francis. The IP Network Address Translator (NAT). RFC 1631 (Informational), May 1994. Obsoleted by RFC 3022.

Digital Library

[19]

FCC. Measuring Broadband America. https://www.measuringbroadbandamerica.com/.

[20]

B. Ford, P. Srisuresh, and D. Kegel. Peer-to-Peer Communication Across Network Address Translators. In USENIX ATC, 2005.

Digital Library

[21]

S. Guha, K. Biswas, B. Ford, S. Sivakumar, and P. Srisuresh. NAT Behavioral Requirements for TCP. RFC 5382 (Best Current Practice), October 2008. Updated by RFC 7857.

[22]

C. Holmberg, S. Hakansson, and G. Eriksson. Web Real-Time Communication Use Cases and Requirements. RFC 7478 (Informational), March 2015.

[23]

Alan B. Johnston. SIP: Understanding the Session Initiation Protocol. Artech House, Inc., Norwood, MA, USA, 3rd edition, 2009.

Digital Library

[24]

C. Kreibich, N. Weaver, B. Nechaev, and V. Paxson. Netalyzr: Illuminating The Edge Network. In IMC, 2010.

Digital Library

[25]

V. Krmicek, J. Vykopal, and R. Krejci. NetFlow Based System for NAT Detection. In ACM CoNEXT, 2009.

Digital Library

[26]

A. Lutu, M. Bagnulo, A. Dhamdhere, and k. claffy. NAT Revelio: Detecting NAT444 in the ISP. In PAM, 2016.

[27]

D. MacDonald and B. Lowekamp. NAT Behavior Discovery Using Session Traversal Utilities for NAT (STUN). RFC 5780 (Experimental), May 2010.

[28]

G. Maier, F. Schneider, and A. Feldmann. NAT Usage in Residential Broadband Networks. In PAM, 2011.

Digital Library

[29]

P. Maymounkov and D. Mazieres. Kademlia: A Peer-to-Peer Information System Based on the XOR Metric. In Peer-to-Peer Systems. Springer, 2002.

Digital Library

[30]

A. Müller, F. Wohlfart, and G. Carle. Analysis and Topology-based Traversal of Cascaded Large Scale NATs. In ACM HotMiddlebox, 2013.

Digital Library

[31]

NOW (New Zealand ISP). What if I need a public IP Address? https://support.nownz.co.nz/support/solutions/articles/5000504832-what-if-i-need-a-public-ip-address-.

[32]

Y. Ohara, K. Nishizuka, K. Chinen, K. Akashi, M. Kohrin, E. Muramoto, and S. Miyakawa. On the Impact of Mobile Network Delays on Connection Establishment Performance of a Carrier Grade NAT Device. In ACM AINTEC, 2014.

Digital Library

[33]

R. Penno, S. Perreault, M. Boucadair, S. Sivakumar, and K. Naito. Updates to Network Address Translation (NAT) Behavioral Requirements. RFC 7857 (Best Current Practice), April 2016.

[34]

S. Perreault, I. Yamagata, S. Miyakawa, A. Nakagawa, and H. Ashida. Common Requirements for Carrier-Grade NATs (CGNs). RFC 6888 (Best Current Practice), April 2013.

[35]

Y. Rekhter, B. Moskowitz, D. Karrenberg, G. J. de Groot, and E. Lear. Address Allocation for Private Internets. RFC 1918 (Best Current Practice), February 1996. Updated by RFC 6761.

Digital Library

[36]

P. Richter, M. Allman, R. Bush, and V. Paxson. A Primer on IPv4 Scarcity. ACM CCR, 45(2), 2015.

Digital Library

[37]

P. Richter, G. Smaragdakis, D. Plonka, and A. Berger. Beyond Counting: New Perspectives on the Active IPv4 Address Space. In ACM IMC, 2016.

Digital Library

[38]

J. Rosenberg, A. Keranen, B. B. Lowekamp, and A. B. Roach. TCP Candidates with Interactive Connectivity Establishment (ICE). RFC 6544 (Proposed Standard), March 2012.

[39]

J. Rosenberg, R. Mahy, P. Matthews, and D. Wing. Session Traversal Utilities for NAT (STUN). RFC 5389 (Proposed Standard), October 2008. Updated by RFC 7350.

[40]

J. Rosenberg, J. Weinberger, C. Huitema, and R. Mahy. STUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs). RFC 3489 (Proposed Standard), March 2003. Obsoleted by RFC 5389.

Digital Library

[41]

N. Skoberne, O. Maennel, I. Phillips, R. Bush, J. Zorz, and M. Ciglaric. IPv4 Address Sharing Mechanism Classification and Tradeoff Analysis. IEEE/ACM ToN, 2014.

Digital Library

[42]

Spamhaus. The Policy Block List. https://www.spamhaus.org/pbl/.

[43]

P. Srisuresh, B. Ford, and D. Kegel. State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs). RFC 5128 (Informational), March 2008.

[44]

L. Wang and J. Kangasharju. Real-world sybil attacks in BitTorrent mainline DHT. In IEEE GLOBECOM, 2012.

[45]

Z. Wang, Z. Qian, Q. Xu, Z. M. Mao, and M. Zhang. An Untold Story of Middleboxes in Cellular Networks. In ACM SIGCOMM, 2011.

Digital Library

[46]

J. Weil, V. Kuarsingh, C. Donley, C. Liljenstolpe, and M. Azinger. IANA-Reserved IPv4 Prefix for Shared Address Space. RFC 6598 (Best Current Practice), April 2012.

[47]

D. Wing. NAT Tutorial. In IETF 78, 2010.

Cited By

Livadariu IVermeulen KMouchet MGiotsas V(2024)Geofeeds: Revolutionizing IP Geolocation or Illusionary Promises?Proceedings of the ACM on Networking10.1145/36768692:CoNEXT3(1-21)Online publication date: 21-Aug-2024
https://dl.acm.org/doi/10.1145/3676869
Buchet ASnyder PHaddadi HPelsser C(2023)Detecting IP-tracking proof interfaces by looking for NATs2023 7th Network Traffic Measurement and Analysis Conference (TMA)10.23919/TMA58422.2023.10198950(1-4)Online publication date: 26-Jun-2023
https://doi.org/10.23919/TMA58422.2023.10198950
Sunkara VSchmachtenberger CRippy Wvan den Bergh BLauwers QNote PMcKenna J(2023)A Case-Study Based Overview of Unmanned Surface Vessel Design and ComponentsOCEANS 2023 - MTS/IEEE U.S. Gulf Coast10.23919/OCEANS52994.2023.10337192(1-9)Online publication date: 25-Sep-2023
https://doi.org/10.23919/OCEANS52994.2023.10337192
Show More Cited By

Index Terms

A Multi-perspective Analysis of Carrier-Grade NAT Deployment
1. General and reference
  1. Cross-computing tools and techniques
    1. Measurement
2. Networks

Recommendations

Beyond Counting: New Perspectives on the Active IPv4 Address Space
IMC '16: Proceedings of the 2016 Internet Measurement Conference

In this study, we report on techniques and analyses that enable us to capture Internet-wide activity at individual IP address-level granularity by relying on server logs of a large commercial content delivery network (CDN) that serves close to 3 ...
Network Address Translation: Extending the Internet Address Space

Network Address Translation (NAT) and Network Address and Port Translation (NAPT) are widely used to separate networks and share IPv4 addresses. They're valuable tools for network administrators and help with the imminent exhaustion of IPv4 address ...
IPSec support in NAT-PT scenario for IPv6 transition
ISC'05: Proceedings of the 8th international conference on Information Security

Applying IPSec in NAT-PT environment for end-to-end security fails due to the problems caused by the IP header conversion in NAT-PT server. The IP header conversion causes the receiver to fail to verify the TCP/UDP checksum and the ICV value of the AH ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

IMC '16: Proceedings of the 2016 Internet Measurement Conference

November 2016

570 pages

ISBN:9781450345262

DOI:10.1145/2987443

General Chairs:
Phillipa Gill
University of Massachusetts--Amherst
,
John Heidemann
USC/ISI
,
Program Chairs:
John W. Byers
Boston University
,
Ramesh Govindan
USC

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGMETRICS: ACM Special Interest Group on Measurement and Evaluation
SIGCOMM: ACM Special Interest Group on Data Communication
USENIX Assoc: USENIX Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 November 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

IMC 2016

Sponsor:

SIGMETRICS
SIGCOMM
USENIX Assoc

IMC 2016: Internet Measurement Conference

November 14 - 16, 2016

California, Santa Monica, USA

Acceptance Rates

IMC '16 Paper Acceptance Rate 48 of 184 submissions, 26%;

Overall Acceptance Rate 224 of 867 submissions, 26%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

33
Total Citations
View Citations
1,720
Total Downloads

Downloads (Last 12 months)242
Downloads (Last 6 weeks)14

Reflects downloads up to 26 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Livadariu IVermeulen KMouchet MGiotsas V(2024)Geofeeds: Revolutionizing IP Geolocation or Illusionary Promises?Proceedings of the ACM on Networking10.1145/36768692:CoNEXT3(1-21)Online publication date: 21-Aug-2024
https://dl.acm.org/doi/10.1145/3676869
Buchet ASnyder PHaddadi HPelsser C(2023)Detecting IP-tracking proof interfaces by looking for NATs2023 7th Network Traffic Measurement and Analysis Conference (TMA)10.23919/TMA58422.2023.10198950(1-4)Online publication date: 26-Jun-2023
https://doi.org/10.23919/TMA58422.2023.10198950
Sunkara VSchmachtenberger CRippy Wvan den Bergh BLauwers QNote PMcKenna J(2023)A Case-Study Based Overview of Unmanned Surface Vessel Design and ComponentsOCEANS 2023 - MTS/IEEE U.S. Gulf Coast10.23919/OCEANS52994.2023.10337192(1-9)Online publication date: 25-Sep-2023
https://doi.org/10.23919/OCEANS52994.2023.10337192
Song XBaltra GHeidemann JMontpetit MLeivadeas AUhlig SJaved M(2023)Inferring Changes in Daily Human Activity from Internet ResponseProceedings of the 2023 ACM on Internet Measurement Conference10.1145/3618257.3624796(627-644)Online publication date: 24-Oct-2023
https://dl.acm.org/doi/10.1145/3618257.3624796
Rye ELevin DSchulzrinne HKohler EMaltz DMisra V(2023)IPv6 Hitlists at Scale: Be Careful What You Wish ForProceedings of the ACM SIGCOMM 2023 Conference10.1145/3603269.3604829(904-916)Online publication date: 10-Sep-2023
https://dl.acm.org/doi/10.1145/3603269.3604829
Salamatian LArnold TCunha ÍZhu JZhang YKatz-Bassett ECalder M(2023)Who Squats IPv4 Addresses?ACM SIGCOMM Computer Communication Review10.1145/3594255.359426053:1(48-72)Online publication date: 20-Apr-2023
https://dl.acm.org/doi/10.1145/3594255.3594260
Saxon JFeamster N(2022)GPS-Based Geolocation of Consumer IP AddressesPassive and Active Measurement10.1007/978-3-030-98785-5_6(122-151)Online publication date: 22-Mar-2022
https://doi.org/10.1007/978-3-030-98785-5_6
Gamero-Garrido ACarisimo EHao SHuffaker BSnoeren ADainotti A(2022)Quantifying Nations’ Exposure to Traffic Observation and Selective TamperingPassive and Active Measurement10.1007/978-3-030-98785-5_29(645-674)Online publication date: 22-Mar-2022
https://doi.org/10.1007/978-3-030-98785-5_29
Shah ABran JZarifis KBedi H(2022)SSQoE: Measuring Video QoE from the Server-Side at a Global Multi-tenant CDNPassive and Active Measurement10.1007/978-3-030-98785-5_27(600-625)Online publication date: 22-Mar-2022
https://doi.org/10.1007/978-3-030-98785-5_27
Dang TMohan NCorneo LZavodovski AOtt JKangasharju JLevin DMislove AAmann JLuckie M(2021)Cloudy with a chance of short RTTsProceedings of the 21st ACM Internet Measurement Conference10.1145/3487552.3487854(62-79)Online publication date: 2-Nov-2021
https://dl.acm.org/doi/10.1145/3487552.3487854
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents