CGNAT frustrates all IP address-based technologies (2019)

CGNAT is a godsend for all internet access providers who have no IPv4 addresses left to assign to customers. At the same time, it's a serious impediment for police services and security tools. Whereas it was once possible to assume that an IP address was linked to a single customer, it can now be linked to thousands. As a result, many IP-based technologies and approaches no longer work properly. CGNAT In recent years, major access providers have switched en masse to carrier-grade NAT (CGNAT). In CGNAT, multiple NAT layers are superimposed to give a large number of users access to the internet via a small number of public IPv4 addresses. CGNAT's technical name – NAT444 – alludes to how the technology works: as with traditional NAT (NAT44), the end user is assigned a non-routable address from the private series defined in RFC 1918. However, whereas there used to be a "true" public IPv4 address on the uplink side of the user's modem, there is now an intermediate network operated by the ... Read full article.