1. Large-scale address sharing issues
‘There must be some way out of here,’ said the joker to the thief.
Bob Dylan
Mat Ford
Irish IPv6 Summit 2010, Dublin
1
4. Address Sharing
• Current practice: give a unique IPv4 public
address to each subscriber
– this address can be shared into the residential/office
LAN through a NAPT device (in the CPE)
• With IPv4 free-pool allocation completion this is no
longer possible for new subscribers
– Scalability of RFC1918 space also creating problems
• A possible solution: allocate the same IPv4 public
address to several subscribers at the same time
– this is what we call large-scale address sharing
2010-05-19 Irish IPv6 Summit 2010 4
5. Port multiplexing
• Q: How is it possible to differentiate between multiple
subscribers all sharing a single address?
• A: Use the transport layer port field to multiplex
2010-05-19 Irish IPv6 Summit 2010 5
6. Background
• Long-tail of subscribers requiring >median
number of ports
Source: http://www.wand.net.nz/~salcock/someisp/flow_counting/result_page.html
2010-05-19 Irish IPv6 Summit 2010 6
11. It’s your problem now
• Introduction of large-scale address sharing creates
potentially serious issues for third parties:
– Some applications will fail to operate
– Reverse DNS will be affected
– Inbound ICMP will fail in many cases
– Amplification of security issues
– Service usage monitoring and abuse logging will be impacted
– Penalty boxes will no longer work
– Spam blacklisting will be affected
– Geo-location and geo-proximity mechanisms will be impacted
– Load balancing algorithms may be impacted
– Authentication mechanisms may be impacted
– Traceability of network usage and abusage will be affected
2010-05-19 Irish IPv6 Summit 2010 11
12. Impact on applications
• Breaks applications that
– Establish inbound communications
– Carry address and/or port information in their
payload
– Use fixed ports
– Do not use any port (ICMP)
– Assume uniqueness of source address
– Explicitly prohibit concurrent connections from
identical addresses
2010-05-19 Irish IPv6 Summit 2010 12
13. ICMP
• ICMP is problematic for address sharing mechanisms as it
does not carry any port information
• Responses to outbound ICMP can be handled relatively
easily
• Inbound ICMP sourced off-net will not be routable
• ICMP attacks
– Malicious user could send Packet Too Big reducing the MTU down
to 68 octets
– Value will be cached by server for all subscribers sharing the IP of
the malicious user
– Could lead to a DoS condition for the server and the NAT
2010-05-19 Irish IPv6 Summit 2010 13
14. Geo-proximity, geo-location
• Conforming with regional content
licensing restrictions
• Targeting advertising
• Customising content
• Emergency services
• Shared addressing may reduce level of
confidence and location granularity
• Application performance may be affected
in the presence of highly centralised CGN
2010-05-19 Irish IPv6 Summit 2010 14
15. Tracking service usage
• Monitoring unique users of a service no longer
possible by simply counting connections from
discrete IP addresses
• CPE NAT complicates this today, large-scale
address sharing will make it a more widespread
and severe issue
• In general, all elements that monitor usage or
abusage in the chain between a service provider
that has deployed address sharing and a content
provider will need to be upgraded to take account
of the port value in addition to IP addresses
2010-05-19 Irish IPv6 Summit 2010 15
16. Traceability
• Address sharing solutions must record and store all
mappings they create
– Potentially very large volume of data
– Pre-allocating groups of ports mitigates
– Trade-offs between
• size of pre-allocated groups
• ratio of public addresses to subscribers
• Impact on logging requirements
• Port randomisation security
• Need for timestamping and accurate timekeeping
– Densely populated CGN could mean even small amounts
of clock skew result in misidentification of subscribers
– Alternatively SPs start logging destinations, giving rise to
privacy concerns,
2010-05-19 Irish IPv6 Summit 2010 16
17. Security-related issues
• Port randomisation
• Abuse logging, penalty boxes
– Need to log source port as well as
source address
• Spam
• IPsec
• Authentication
2010-05-19 Irish IPv6 Summit 2010 17
18. Load balancing
• Deterministic algorithms based on IP
addresses may see sudden
imbalances in load as address
sharing is enabled
• Growth of address sharing will
require re-evaluation of load
balancing algorithm designs
2010-05-19 Irish IPv6 Summit 2010 18
19. Other issues
• Fragmentation
• Multicast
• Mobile-IP
• Single Point of Failure
• Reverse DNS
– Reverse DNS strings no longer sufficient
to identify a discrete subscriber
2010-05-19 Irish IPv6 Summit 2010 19
20. Conclusions
• Large-scale address sharing will make many
existing address sharing issues more severe
and more widespread
• Large-scale address sharing will also create
new technical and business issues
• Third-parties, content providers, LEAs, will
be impacted
• IPv6 is the only way to avoid this
2010-05-19 Irish IPv6 Summit 2010 20