We may have heard or read the acronym CG-NAT in relation to our Internet connection, but we do not know exactly what it is and how it can affect us. For this reason, we are going to try to explain what this technique used by some of the operators in different countries consists of and what it consists of.
The truth is that, although it may seem like a relatively modern term, the truth is that it has been used for decades in network management. However, it is in this age of connected living that it is starting to become more and more popular.
What is CG-NAT
CG-NAT stands for Carrier Grade Network Address Translation, it is a technique that allows the use of the same public IPv4 in which private IPv4 addresses will be associated simultaneously. The purpose of this practice carried out by some operators is to allow several clients to connect to the Internet simultaneously using only one public IPv4 address and thus mitigate the limitation of the IPv4 protocol to cover the demand for Internet access services.
The IPv4 protocol is insufficient to respond to all the demand for Internet services. For this reason, CG-NAT is created, a solution for operators that allows many clients to connect to the Internet using the same IPv4 address. It is a technique that allows the use of the same public IPv4 in which private IPv4 addresses will be associated simultaneously. What some operators do is connect several clients to the Internet simultaneously using only one public IPv4 address. In most cases, users don’t notice unless you’re tech-savvy, for example, or they know their carrier does. We can also get out, as we will see in the next paragraphs. It will not affect our daily life except in specific cases, but it is a practice that some operators carry out, although it is supposed to be “temporary”. We will be able to open ports on our home router, but access from the Internet to local network services will not work , because the operator itself also does its “NAT” and we do not have the possibility of port forwarding in the router itself.
It is a process that may be temporary until the arrival and massive extension of IPv6, but which is used by many operators today and whose main drawback is that we will not be able to use services on the local network such as an FTP server or a NAS, for example. The problem is that the adoption of IPv6 is very very slow and therefore we will still be hearing about CG-Nat for a long time.
Benefits of sharing IP
Most users will not notice any problem using CG-NAT in their day to day life. In fact, it is possible that you have been using it for years and you did not even know it (on 3G or 4G mobile broadband networks, for example, we have been using it for years) You can check that nothing changes by doing an Internet speed test or browsing the pages that you usually use, there will be no difference or inconvenience.
Is it a risk when watching series and movies? Normally not and, as we said in the previous section, surely you have it and you have not noticed it. You won’t notice it on Netflix or Spotify or HBO either, you can continue playing streaming content normally, whether it’s video or audio. The two services work perfectly when connecting to the Internet with CG-NAT and you will be able to watch series and movies just fine.
- illegal activities
You should not be worried about what would happen if you share an IP with another user and they carry out some kind of illegal activity, how can they know that it was not you and that it was him if you both have the same public IP address? Only with the IP it is not possible to identify someone who has committed an illegality and there are already cases in which a judge has rejected this method as evidence.
- Security cameras
And the security cameras? It will depend on the system used. If the cameras use their own Cloud to communicate, there will be no problem. If they do not use it, you will not be able to access the visualization of your IP cameras from the Internet.
Drawbacks of sharing IP
Yes there are some problems that we will encounter if we are using CG-Nat. Although in the previous case we explained that it should not affect you, there are times when it will affect you.
Yes, you may notice that latency is slightly higher in the case of users specialized in online games and it is one of the main complaints of users in the different operator forums. Latency goes up slightly when using CGNAT and this may affect you if you play demanding PC games or console games.
- open ports
But if something really affects when you use CGNAT it is that you will not be able to open ports. This implies that you will not be able to use a VPN server, web server or FTP server, among other services such as Nextcloud to create our own private cloud. If you use a server to access the content of your computer remotely when you are away from home, this type of technology would not allow you to do so. You will also not be able to connect to the NAS server because it requires open ports and CG-NAT will not allow you to open them.
Another of the main problems that you can find in your day to day life is seeing possible bans for which you are not to blame. If you share a public IP with another user who has been banned from a web page or service, you will not be able to access this page either, even if you have not done anything to deserve it.
There are certain features of CG-NAT that can be a drawback in certain circumstances, but which can also be turned into an advantage. For example, the fact of not being able to open ports implies that we cannot use certain services or VPN or FTP servers, however, it is an advantage if we focus on the security aspect.
That is to say, the fact that it does not allow the opening of ports improves security and we are more protected against certain attacks that we can receive through certain connections. Thanks to CG-NAT, it is better prevented that any user with bad intentions can access the devices connected behind the router.
The solution: IPv6
Although many do not know it, in reality CG-NAT is a kind of temporary “patch” while it produces the mass adoption of IPv6. Until now, all computers and servers use IPv4 in the majority , which allows a total of 4,294,967,296 possible IP addresses. The exponential growth of connected devices means that experts have been warning for some time that these addresses are going to end. As an alternative, we have IPv6, the new system that allows us to have 340,282,366,920,938,463,463,374,607,431,768,211,456 IPv6 addresses available. Since 2016 we have no new IPv4 addressesavailable and the only ones that are put “on the market” come from recovered addresses because they are not being used. The problem is that there is no commitment to migrate to IPv6 on a massive scale. As of the end of 2020, less than 30% of users use it.
What changes will there be? IPv4 addresses are 32 bits long and are written as four 8-bit decimal numbers, each with a value from 0 to 255, separated by periods in four blocks. OP, which is the same, the address you have at home is 192.168.1.1 as used for the router or 22.214.171.124 for example. But with the arrival of IpV6 this will change because the addresses do not have the same length nor use the same blocks of numbers. IPv6 addresses are 128 bits long and are written as 8 blocks of hexadecimal numbers that are 16 bits each, separated by a colon and with a value from 0000 to FFFF-. They include numbers and letters and would be something like
Operators have opted for CG-NAT as an alternative to migration to IPv6. Its implementation is cheaper, since it does not imply the migration to a new protocol. Unfortunately, this is not good news for users experiencing problems with certain applications or using services that require redirection of traffic to a specific port.