cancel
Showing results for 
Search instead for 
Did you mean: 

Testing

Community Gaffer
Community Gaffer
Posts: 12,966
Thanks: 753
Fixes: 70
Registered: 04-04-2007

Testing

Testing forum posting functionality via CGNAT.

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵

12 REPLIES
Community Veteran
Posts: 38,314
Thanks: 972
Fixes: 57
Registered: 15-06-2007

Re: Testing

Interesting IP address
Quote
This block is used as Shared Address Space. Traffic from these addresses does not come from IANA. IANA has simply reserved these numbers in its database and does not use or operate them. We are not the source of activity you may see on logs or in e-mail records. Please refer to http://www.iana.org/abuse/
Shared Address Space can only be used in Service Provider networks or on routing equipment that is able to do address translation across router interfaces when addresses are identical on two different interfaces.

MJN
Aspiring Pro
Posts: 1,093
Thanks: 39
Fixes: 2
Registered: 26-08-2010

Re: Testing

100.64.0.0/10 is the address range earmarked for use with CG-NAT deployment - RFC6598 has further details.
Community Veteran
Posts: 1,136
Thanks: 2
Registered: 30-07-2007

Re: Testing

Does everyone behind CG-NAT have a unique address from the 100.64.0.0/10 at any given time, or is it dependant on which NAT Server they are behind at the time?
Also, if the CG-NAT address is the only one being published then all website operators can know is that it was from someone behind CG-NAT, and not which provider it was?
F9 member since 4 Sep 1999
F9 ADSL customer since 27 Aug 2004
DLM manages your line the same way DRM manages your rights.
Look at all the pretty graphs! (now with uptime logging!)
MJN
Aspiring Pro
Posts: 1,093
Thanks: 39
Fixes: 2
Registered: 26-08-2010

Re: Testing

Each customer gets a unique address from the pool, just like you do now with a public address. Those are then NATed into the smaller set of the ISP's public address space, hence:
Customer LAN (10/8, 192.168/16, etc) <--NAT--> 100.64.0.0/10 Range <--NAT--> Plusnet Public IP Range
The 100.64.0.0/10 addresses are only for use within the ISP's infrastructure however because, as you say, they are not globally unique. They would therefore never appear on the Internet - the only reason they were visible in this instance is because both Bob and the forum are 'inside the wire' as it were.
The ISP can't use 'normal' (RFC191Cool reserved address space to NAT customers into because chances are those addresses could already be in use on the customer's own network(s) so there'd be all sorts of misdirection going on e.g. 'which side of the customer's router does 192.168.1.40 sit on?' Public address space obviously can't be used given the shortage hence this new address space has been set aside for ISPs to use as the intermediate address range between the private customer ranges and the public Internet range.
Community Veteran
Posts: 1,136
Thanks: 2
Registered: 30-07-2007

Re: Testing

Thanks for that MJN, it didn't occur to me that PN's public facing sites would be accessible directly from their core ISP network without having to go through another round of gateways.
F9 member since 4 Sep 1999
F9 ADSL customer since 27 Aug 2004
DLM manages your line the same way DRM manages your rights.
Look at all the pretty graphs! (now with uptime logging!)
MJN
Aspiring Pro
Posts: 1,093
Thanks: 39
Fixes: 2
Registered: 26-08-2010

Re: Testing

No, I didn't think they necessarilly would be either to be honest! I'd always assumed that was why the forum etc didn't get IPv6 enabled.
Community Gaffer
Community Gaffer
Posts: 12,966
Thanks: 753
Fixes: 70
Registered: 04-04-2007

Re: Testing

I noticed the IP too. I've a feeling it's because Community is hosted on our network. When visiting something like http://www.whatismyip.com/ I'm shown the public-facing IP I'm sharing. In the router GUI it also shows the private IP assigned to the WAN interface.

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵

Superuser
Superuser
Posts: 9,053
Thanks: 502
Fixes: 43
Registered: 06-04-2007

Re: Testing

How many CG-NAT nodes would be set up in a production implementation? Presumably it would be necessary to ensure their DHCP ranges don't overlap to avoid duplicate IPs within the Plusnet network.
David
Community Gaffer
Community Gaffer
Posts: 12,966
Thanks: 753
Fixes: 70
Registered: 04-04-2007

Re: Testing

Quote from: spraxyt
How many CG-NAT nodes would be set up in a production implementation?

We're along way from that, even if it was to come to fruition. I'm pretty sure whatever the implementation, it wouldn't allow for overlap.

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵

Plusnet Staff
Plusnet Staff
Posts: 12,169
Thanks: 18
Fixes: 1
Registered: 04-04-2007

Re: Testing

Our internal services don't need to go through the NAT so accessing community or email or DNS for example isn't routed through the NAT. So if we look at the logs (or an moderator/admin looks at the IP a user has posted from) we see an IP within 100.64.0.0/10. As a CG-NAT IP is unique within our network, same as 192.168.1.254 is unique within the home we don't have to put internal traffic through the NAT.
Plusnet Staff
Plusnet Staff
Posts: 12,169
Thanks: 18
Fixes: 1
Registered: 04-04-2007

Re: Testing

Although now I don't see the CG-NAT IP as I logged on to the work VPN.
Community Gaffer
Community Gaffer
Posts: 12,966
Thanks: 753
Fixes: 70
Registered: 04-04-2007

Re: Testing

Quote from: dave
Our internal services don't need to go through the NAT so accessing community or email or DNS for example isn't routed through the NAT. So if we look at the logs (or an moderator/admin looks at the IP a user has posted from) we see an IP within 100.64.0.0/10. As a CG-NAT IP is unique within our network, same as 192.168.1.254 is unique within the home we don't have to put internal traffic through the NAT.

Saw a similar thing with the Usertools box and the Gateway Checker.
You are using a debugging mode - and checking IP 100.127.254.16
[0] => 1 84.92.0.73 (84.92.0.73) 0.443 ms
[1] => 2 po3.3656.peh-cr01.plus.net (84.93.232.32) 0.427 ms
[2] => 3 po5.peh-cr02.plus.net (84.93.232.17) 7.819 ms
[3] => 4 84-93-232-60 (84.93.232.60) 8.221 ms
[4] => 5 ae3.ptw-cr01.plus.net (195.166.129.32) 21.984 ms
[5] => 6 ae1.pcl-cr01.plus.net (195.166.129.1) 11.203 ms
[6] => 7 ae2.pcl-cr02.plus.net (195.166.129.7) 8.339 ms
[7] => 8 te-9-3.pcl-gw02.plus.net (212.159.1.15) 8.349 ms
[8] => 9 link10-central10.pcl-ag08.plus.net (84.93.249.243) 9.845 ms
[9] => 10 100.127.254.16 (100.127.254.16) 21.088 ms )

Bob Pullen
Plusnet Products Team
If I've been helpful then please give thanks ⤵