You must log in or register to comment.
Every day we move further away from God.
Every day I regret becoming a network engineer more and more
You have a clusterfuck of a clusterfuck because corpocunts make more money from keeping everyone on shit old stacks
The network engineer to communist/anarchist pipeline is real
My goal is to be a network engineer…hmmmm
stupid question, wouldn’t it be easier to just have sub addresses?
like my fictional ip address is 123.123.123
and I can set my router to give up to 1000 sub addresses, so one computer can host a Minecraft server at 123.123.123.001 I have another for my some projects, the projects ones each have sub addresses like 123.123.123.002.001 and 123.123 123.002.002…
a company could have countless layers and any amount of addresss they want.
and we’re never going to run out of addresses.
Well the IPv4 spec only allows 4 octets, so having 5 or more is impossible. We could fix it by changing the protocol, but at that point it’s more worth it to just migrate to IPv6.
fair, but isn’t IPv6 just going with the same assumption as IPv4, “so many addresses, no way we will ever use them all”
It’s pretty hard to overstate just how many addresses are in the ipv6 address space vs ipv4.
One of my favorite descriptions comes from Beej’s guide to network programming, something I first read probably in the early to mid 2000s. https://beej.us/guide/bgnet/html/#ip-addresses-versions-4-and-6
3.1 IP Addresses, versions 4 and 6 In the good old days back when Ben Kenobi was still called Obi Wan Kenobi, there was a wonderful network routing system called The Internet Protocol Version 4, also called IPv4. It had addresses made up of four bytes (A.K.A. four “octets”), and was commonly written in “dots and numbers” form, like so: 192.0.2.111.
You’ve probably seen it around.
In fact, as of this writing, virtually every site on the Internet uses IPv4.
Everyone, including Obi Wan, was happy. Things were great, until some naysayer by the name of Vint Cerf warned everyone that we were about to run out of IPv4 addresses!
(Besides warning everyone of the Coming IPv4 Apocalypse Of Doom And Gloom, Vint Cerf14 is also well-known for being The Father Of The Internet. So I really am in no position to second-guess his judgment.)
Run out of addresses? How could this be? I mean, there are like billions of IP addresses in a 32-bit IPv4 address. Do we really have billions of computers out there?
Yes.
Also, in the beginning, when there were only a few computers and everyone thought a billion was an impossibly large number, some big organizations were generously allocated millions of IP addresses for their own use. (Such as Xerox, MIT, Ford, HP, IBM, GE, AT&T, and some little company called Apple, to name a few.)
In fact, if it weren’t for several stopgap measures, we would have run out a long time ago.
But now we’re living in an era where we’re talking about every human having an IP address, every computer, every calculator, every phone, every parking meter, and (why not) every puppy dog, as well.
And so, IPv6 was born. Since Vint Cerf is probably immortal (even if his physical form should pass on, heaven forbid, he is probably already existing as some kind of hyper-intelligent ELIZA15 program out in the depths of the Internet2), no one wants to have to hear him say again “I told you so” if we don’t have enough addresses in the next version of the Internet Protocol.
What does this suggest to you?
That we need a lot more addresses. That we need not just twice as many addresses, not a billion times as many, not a thousand trillion times as many, but 79 MILLION BILLION TRILLION times as many possible addresses! That’ll show ’em!
You’re saying, “Beej, is that true? I have every reason to disbelieve large numbers.” Well, the difference between 32 bits and 128 bits might not sound like a lot; it’s only 96 more bits, right? But remember, we’re talking powers here: 32 bits represents some 4 billion numbers (232), while 128 bits represents about 340 trillion trillion trillion numbers (for real, 2128). That’s like a million IPv4 Internets for every single star in the Universe.
Funny how many here took this to be real, judging from the reactions. To me it’s an obvious joke.
Question to you guys: How do you suppose 200 million customers will share the less than 65’536 ports that are available on that one address?
As @shane@feddit.nl says, you can use the same public port for many different destination address, vendors may call it something like “port overloading”.
More importantly, you can install a large pool of public address on your CGNAT. For instance if you install a /20 pool, work with a 100 users / public address multiplexing, you can have 400,000 users on that CGNAT. 100 users / address is a comfortable ratio that will not affect most users. 1000 users / address would be pushing it, but I’m sure some ISP will try it.
If you search for “CGNAT datasheet” for products you can deploy today, the first couple of results:
- https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortinet-cgnat-solution.pdf Fortinet claiming 1.8 billion concurrent TCP sessions, supporting 25 million new TCP session/s
- https://www.f5.com/pdf/products/big-ip-cgnat-datasheet.pdf F5 claiming “Scales up to 310 Gbps of throughput at Layer 7 with over 480 million concurrent sessions”
- https://www.a10networks.com/wp-content/uploads/A10-DS-Thunder-CGN.pdf A10 Thunder 8665S 800 million concurrent TCP sessions
As @shane@feddit.nl says, you can use the same public port for many different destination address, vendors may call it something like “port overloading”.
I just responded to him on that point, while you were typing to me. I didn’t know this existed, thanks for pointing it out!
More importantly, you can install a large pool of public address on your CGNAT. For instance if you install a /20 pool, work with a 100 users / public address multiplexing, you can have 400,000 users on that CGNAT. 100 users / address is a comfortable ratio that will not affect most users. 1000 users / address would be pushing it, but I’m sure some ISP will try it.
Sure, yeah, I have seen a few threads on NANOG about the NAT address ratios people are using. I also think I remember someone saying he was forced to use 1000 and it kind of worked as long as he pulled the heaviest users out of the pool. But if I recall correctly he was also saying he made IPv6 available in parallel to reduce the CGNAT load.
But the point that made this post ridiculous and an obvious joke is that it said “one address” :-)
Well the “one address” bit sure :) but given the scale supported by CGNAT systems today, I don’t think being able to support an entire country behind a single cluster is that far off. At which point the difficulty becomes “is the 100.64.0.0/10 block big enough”? Or maybe they’re using DS-lite for the hauling from private network to the NAT.
Easily doubled by assigning the TCP and UDP ports to different users!
A TCP session is a unique combination of client IP, client port, server IP, and server port.
So you can use the same IP and port as long as the destination is a different IP or port.
This means that in principle you could use the same IP and port to connect to every IP address on the Internet using 65536 concurrent sessions. 😆
This wouldn’t help going to popular destinations, since they have a lot of people going to the same IP address and port, but for many (most?) of them you probably have some sort of CDN servers in your data centers anyway.
A TCP session is a unique combination of client IP, client port, server IP, and server port. So you can use the same IP and port as long as the destination is a different IP or port.
Fair point! I wasn’t aware of any NAT working that way, but they could exist, I agree. It does blow up the session table a bit, but we are taking about a hell of a large theoretical system here anyway, so it’s not impossible.
This wouldn’t help going to popular destinations, since they have a lot of people going to the same IP address and port, but for many (most?) of them you probably have some sort of CDN servers in your data centers anyway.
Actually we have recently seen a few content providers not upgrading their cache servers and instead preferring to fall back to our PNIs (which to be fair are plenty fast and have good enough latencies). On the other hand others made new ones available recently. Seems there isn’t a universal best strategy the industry is converging on at the moment.
By creating new protocols that then become new quasi-standards that every system has to integrate because “everybody else does it too”?
(and yeah this one is a joke - ridiculing something that really exists by exaggerating it)
I know this is humor, but for the record this wouldn’t work. Each simultaneous TCP connection needs a unique four-tuple (source address, source port, destination address, destination port). If a lot the people behind the NAT try to connect to the same place (destination address and port) at the same time (something popular like Google, YouTube or Netflix), and their source address is the same, the source port needs to be different for each connection. So after at most 65535 connections within a short time the NAT would run out of ports and no one behind the same NAT would be able to open new connections to the same place until the NAT mapping expiries.
So you could have at most tens of thousands of people behind the same NAT, maybe even fewer to make it reliable.
Don’t forget the tech giants are all IPv6 enabled. Google Netflix Apple xhamster Facebook Microsoft are all reachable over v6.
OK, bad examples. On the other hand e.g. X, GitHub, Pornhub, PSN, Steam or Discord do not support IPv6.
I think one of these tech giants sounds wrong? It’s Meta not Facebook
I would love a horror game set in a massive building with nothing but networking equipment. With the goal being to fix and patch old parts of the system finding more and more awful things that have happened to the previous employees.
Wow, there really is a game for everything.
Well damn. I might just be sold based on the trailer alone.
Nooooooo, that’s gonna be a time sink.
Not exactly what you’re looking for but this came across my radar recently https://store.steampowered.com/app/2939600/Tower_Networking_Inc/
I knew of Tunnet, but this looks cool. I wonder if it’s at all helpful for getting to grips with some networking intuition, I always feel behind when it comes to anything networking related.
And the horror is the employees that turned into monsters that just want to get their computer fixed and chase you. And to placate the monsters you have to fix their problem. Each employee has a different problem. But if you mess up you just anger more employees.
Good news, they have these, and you even get paid to do it!
Not nearly enough mind you.
Portal 3?
Would you rather
- Convert to IPv6?
- Pay 10,000,000 per year?
The choice is yours!
that’s 5 cents per customer per year
My reading comprehension is weak. I thought each customer should pay them $ 10M a year.
Still better than switching
oh and if any single one of those 200M customers gets caught pirating a single mp3, all 200M will go to jail forever
A random one will. For each time somebody gets caught.
Or, at least this seems to be how NAT works today.
I don’t know who pulled that cabling, but they need to be hung with it.
Looks AI to me
Negative. That is a 3D print that I left unattended.
Literal spaghetti
Is that what spaghettification looks like?
I think it’s cheese-stringification.
As far as I know, yeah, there could easily be a black hole hiding there somewhere.
My report script is spaghettification
Is the news real? :o
Fuck whoever chose to make the acronym the same, but this is already possible by being a terrible person and sticking PAT behind traditional NAT
