CGNAT is a large-scale protocol that applies NAT, the IP address translator, directly to an operator's network, and is a workaround for IPv4 address exhaustion. However, the format brings some problems to the structure and security of the World Wide Web. Learn what CGNAT is and why it is not an ideal format for the internet.
What is it?
To understand what CGNAT is, you must first know NAT, or Network Address Translation. This is a protocol that allows internal network addresses, which in theory are closed, to communicate with the internet.
How NAT works
When the World Wide Web became popular, it created a scaling problem for corporate networks, as the peers (computers) could not connect to it to exchange information with other external terminals, because their IP addresses are incompatible with those used by the Internet.
Requests are generated by the router, which has a global IP, but when the packets return, it is necessary to identify which machine the request came from. This is where NAT comes in: it maps the points on the network and identifies each one by local port and IP. With this data, it generates a 16-digit code using a hash table, which acts as the IP of a terminal on the internet.
NAT is also used in home networks: your cell phone, computer, video game, TV and smart devices each have an IP generated via hash to communicate with the internet, while the router concentrates all data requests.
CGNAT appears
CGNAT, from Carrier Grade Network Address Translation, also called Large Scale Network Address Translator, is the NAT protocol applied not to the user's or a company's router, but directly to the provider's network, making it a major tool for dealing with a critical issue: IPv4 exhaustion.
As IPv4 uses 32-bit logical addresses, it allows a maximum of 4.29 billion devices connected to the internet, and currently, there are no more numbers available to be allocated; very soon, all positions will be occupied simultaneously.
The IPv6 protocol uses 128 bits, so it supports up to 340 undecillion simultaneous addresses (34 followed by 36 zeros), but migrating all IPv4 addresses to the new format would take a long time. In this way, operators started using NAT directly on their networks, which is CGNAT.
It is an intermediary layer between the user and the internet, which assigns the same public IPv4 address to several private connections at the same time, directing each point (user) through different ports.
It is actually a great workaround, which allows operators to manage the old addresses they have for a longer period of time, until the conversion to IPv6 is completed.
The problems of CGNAT
Network experts claim that CGNAT is harmful to the internet, as it violates one of the basic principles of the network, which is the point-to-point connection. In it, each user has a unique, easily identifiable address, which does not happen when NAT is applied to users, causing several to use the same IPv4 address.
As the direct identification of the user is more complex than it should be, a CGNAT network can bring complications to many services that the consumer uses, such as streaming, P2P services, online games, VoIP and any other service that depends on a unique address.
Another major problem generated by CGNAT is convenience. Although it was adopted as a temporary alternative until the migration to IPv6 was completed, its adoption ended up hindering this process, because the half-baked protocol "works", which companies understand as saving money on infrastructure.
Thus, these companies keep putting off IPv6, making do with CGNAT keeping IPv4 on life support, however harmful this may be for the internet as a whole and for users, just because NAT applied to the network allows it.
The difficulty in identifying a user by IP, something already raised as a problem by Anatel in 2014, can lead malicious users to commit digital crimes, and CGNAT ends up being a facilitator. In ideal situations, the protocol should just be a patch and not a long-term solution.
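The port sharing described above, and the identification problem it causes, shown as an added example that is not part of the original article: several subscribers sit behind one public IPv4 address, so a lookup by IP alone returns all of them, while IP plus source port plus timestamp resolves to one. The log format, port-block sizes, function names and every address are constructed assumptions; 203.0.113.0/24 is a documentation range and 100.64.0.0/10 is the shared address space reserved for CGNAT.

```python
from datetime import datetime
from ipaddress import ip_address, ip_network

SHARED_SPACE = ip_network("100.64.0.0/10")  # RFC 6598 range reserved for CGNAT

# Constructed sample log (hypothetical format):
# public IP, port block, subscriber address, lease start, lease end.
SAMPLE_LOG = """\
203.0.113.7 1024-2047 100.64.0.11 2024-05-01T10:00:00 2024-05-01T12:00:00
203.0.113.7 2048-3071 100.64.0.12 2024-05-01T10:05:00 2024-05-01T12:30:00
203.0.113.7 3072-4095 100.64.3.40 2024-05-01T09:00:00 2024-05-01T11:00:00
203.0.113.7 1024-2047 100.64.9.99 2024-05-01T12:00:00 2024-05-01T14:00:00
203.0.113.8 1024-2047 100.64.0.13 2024-05-01T10:00:00 2024-05-01T12:00:00
"""

def parse_log(text):
    """Turn each log line into a dict; reject subscribers outside the shared space."""
    entries = []
    for line in text.splitlines():
        pub, ports, sub, start, end = line.split()
        if ip_address(sub) not in SHARED_SPACE:
            raise ValueError(f"unexpected subscriber address: {sub}")
        lo, hi = (int(p) for p in ports.split("-"))
        entries.append({"public": ip_address(pub), "ports": range(lo, hi + 1),
                        "subscriber": sub,
                        "start": datetime.fromisoformat(start),
                        "end": datetime.fromisoformat(end)})
    return entries

def candidates(entries, public_ip, when, port=None):
    """Subscribers that could have used public_ip at `when` (optionally on `port`)."""
    pub, ts = ip_address(public_ip), datetime.fromisoformat(when)
    return sorted(e["subscriber"] for e in entries
                  if e["public"] == pub and e["start"] <= ts < e["end"]
                  and (port is None or port in e["ports"]))

if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    print(candidates(log, "203.0.113.7", "2024-05-01T10:30:00"))        # IP only: ambiguous
    print(candidates(log, "203.0.113.7", "2024-05-01T10:30:00", 2500))  # IP + port: one match
    print(candidates(log, "203.0.113.7", "2024-05-01T12:15:00", 1500))  # same block, later lease
```

For anyone logging on the server side, the practical consequence is that access logs need the client source port and an accurate timestamp alongside the IP address, otherwise a CGNAT address cannot be narrowed to one subscriber.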