Carrier Grade NAT (CGN)

Verizon,
Verizon has announced some DSL customers will move to Carrier Grade NAT (CGN) which uses IPv6 instead fo the old standard IPv4 we use today (see verizon link below).
This basically means you can no longer port forward. IP cameras and many other applications require port forwarding so they can accessible from the internet outside the home. Many gamers also require this ability.
Eventually everyone will be on IPv6. My question is how will Verizon customers on IPv6 be able to port forward? Or will it just not be allowed?
I understand DSL customers can currently opt-out of CGN, but the point is at some point everyone will be moved to it.
Please See:
http://www22.verizon.com/support/residential/internet/highspeedinternet/networking/troubleshooting/p...
Thank you for your time
- Adam
Solved!
Go to Solution.

ADAM619,
At the moment we're unable to answer these questions. When we have more information we will provide it here in the forums, and make it available at www.verizon.com. Thanks for your patience during this transition. ~Ian
Ian_VZ
Verizon Support
Notice: Content posted by Verizon employees is meant to be informational and does not supersede or change the Verizon Forums User Guidelines or Terms or Service, or your Customer Agreement Terms and Conditions or Plan.

Similar Messages

SIP Traffic in CRS-3 Carrier Grade NAT (CGN) with PAT

Hello
Does the SIP traffic through the module CGN works? We use PAT in the module.
Thank you for your comments
Rodolfo

Hi Rodolfo,
yes, SIP can be used with no issue through CGN system without the need of any particular ALG if SBC performs media-latching.
Take a look at this preso:
http://www.cisco.com/web/CA/events/pdfs/CNSF2011-IPv6-Transition-for-SPs-Chris-Metz.pdf
Kind regards,
N.

Carrier Grade NAT

Hi Every one, I wish you can help me with this inquiry. we are adding Fibre tails to our network and need to do per user queuing and shaping for PPPoE using Radius and I have selected 7603 with IOS15.3(3.)S to do this for me . Noe since we are running out of IPs, we need to do Carrier Grade NAT (CGN) , and based on Cisco Feature navigator only ME3600 and ME3800 (Remote Switches) are able to perform it. I need to come up with a confirmed decision before purchasing the devices. I would appreciate any help.

Hi Adiyudha,
in a general manner, consider these interfaces as SVI or "tunnels" to connect your router to the service blade.
When loaded with a CGN image, the ServiceInfra interface is used for the management of the card. It's mandatory to have it configured to be able to boot properly the card.
The ServiceApp interfaces are used to send traffic (to be NATed or CGv6ed for instance) to and from your router.
It's necessary to configure an IP address on the serviceApp interface, we configure the router side of the tunnel. All other addresses in the range will be considered to be part of the service card side.
So if you define serviceApp1 10.1.1.1/30, 10.1.1.2 will be answered by the CGN card automatically.
These serviceApps must be part of different VRFs (vrf-lite generally) or at least one in the Global routing table and another in a VRF, to avoid routing loops ----> because you'll have to use static routes to send your i2o traffic into the CGN card and to attract back your o2i traffic to guarantee a symetrical path (important in the case of stateful translation).
So, let's take an example if you define a map pool of 20.1.1.0/24 where the external addresses will be allocated to your translations.
You define serviceApp1 in VRF "Inside" with 1.1.1.1/30.
You define serviceApp2 in VRF "Outside" with 1.1.1.5/30.
You need to configure a default route in the VRF Inside pointing to serviceApp1 (or 1.1.1.2), it will send the traffic to the CGN card to be NATed.
And you need to configure a static route 20.1.1.0/24 to serviceApp2 (or 1.1.1.6) to attract the traffic in the o2i direction.
As you said, the serviceApp addresses are only significant locally to the router and don't need to be advertised to the outside, so they can be RFC1918.
Hope it clarifies a bit (not easy without diagrams to describe such principles).
Cheers,
N.
i2o = input to output
o2i = output to intput

Carrier grade nat - static port block allocation.

Hello,
Is it possible to configure nat (cgn) on ASR 1k to permit the same private address always get the same port block allocation from the same public address? With that You dont need nat logging.
regards

ADAM619,
At the moment we're unable to answer these questions. When we have more information we will provide it here in the forums, and make it available at www.verizon.com. Thanks for your patience during this transition. ~Ian
Ian_VZ
Verizon Support
Notice: Content posted by Verizon employees is meant to be informational and does not supersede or change the Verizon Forums User Guidelines or Terms or Service, or your Customer Agreement Terms and Conditions or Plan.

Carrier Grade Network Address Translation (CG-NAT)

Hello,
I live in the UK. One of the largest ISPs, BT, has begun trialling carrier grade network address translation (CG-NAT). In a nutshell, this introduces double NAT - first your broadband router, then the ISP's "router". This is before the ISP has introduced IPv6.
I fear it is only a matter of time before my ISP also introduces CG-NAT. Will/does Skype work in a CG-NAT scenario? If not, what are my options?
Kind regards,
Anwar

I am new to Oracle VM. The dom0 and domU are set up by someone else. So I don't know the details. In the domU, I can't even ping the 10.244.69.35 address of the dom0.
# ping 10.244.69.35
PING 10.244.69.35 (10.244.69.35) 56(84) bytes of data.
From 192.168.200.50 icmp_seq=2 Destination Host Unreachable
From 192.168.200.50 icmp_seq=3 Destination Host Unreachable
From 192.168.200.50 icmp_seq=4 Destination Host Unreachable
The Cisco switch on the 10.*.*.* network is owned by IT and I can't change anything on it. This is why I try to set up NAT on the dom0. I would appreciate any help so that I can access the 10.*.*.* network from the domU.

IPv4 to IPv6 transition thesis

             Hi,
I'm doing Bachelor thesis, the subject is :"IPv4 to IPv6 Transition". I hope you give me titles of books you recommend.
Also,I'd be happy if you give me a few tips.
right now,i need a topology for each transition mechansim with the configuration commands .
and how to configure an IPv4/IPv6 host?
i've already finished CCNA exploration 1 and 2,and now i'm enrolled in a CCNA exploration 3 class.my instructor has not been trained yet on using IPv6 . so,the whole subject is new for me
i'm sorry if this message was badly written , because i'm not that good in english.
yours faithfully,

You might consider the RFC series.
We have been thinking about what we originally called "IP Next Generation" and then called "IPv6" and the requirements for a transition for about 20 years. When we started, we thought about requirements, and over time we have described methodologies and experience with those methodologies. There is ongoing work, primarily in the IETF's IPv6 Operations Working Group (). The current "received wisdom" is probably summarized in RFCs 4213 (
http://www.ietf.org/rfc/rfc4213.txt) and 6180 (http://www.ietf.org/rfc/rfc6180.txt).
Walking through that history means walking through the following. Note that many of these are pretty old, and have been replaced or updated by other documents.
http://www.ietf.org/rfc/rfc1671.txt
1671 IPng White Paper on Transition and Other Considerations. B.
     Carpenter. August 1994. (Format: TXT=17631 bytes) (Status:
     INFORMATIONAL)
http://www.ietf.org/rfc/rfc1933.txt
1933 Transition Mechanisms for IPv6 Hosts and Routers. R. Gilligan, E.
     Nordmark. April 1996. (Format: TXT=47005 bytes) (Obsoleted by
     RFC2893) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc2185.txt
2185 Routing Aspects of IPv6 Transition. R. Callon, D. Haskin.
     September 1997. (Format: TXT=31281 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc2893.txt
2893 Transition Mechanisms for IPv6 Hosts and Routers. R. Gilligan, E.
     Nordmark. August 2000. (Format: TXT=62731 bytes) (Obsoletes RFC1933)
     (Obsoleted by RFC4213) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc3574.txt
3574 Transition Scenarios for 3GPP Networks. J. Soininen, Ed.. August
     2003. (Format: TXT=23359 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc3750.txt
3750 Unmanaged Networks IPv6 Transition Scenarios. C. Huitema, R.
     Austein, S. Satapati, R. van der Pol. April 2004. (Format: TXT=48153
     bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc3904.txt
3904 Evaluation of IPv6 Transition Mechanisms for Unmanaged Networks.
     C. Huitema, R. Austein, S. Satapati, R. van der Pol. September 2004.
     (Format: TXT=46844 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc4038.txt
4038 Application Aspects of IPv6 Transition. M-K. Shin, Ed., Y-G.
     Hong, J. Hagino, P. Savola, E. M. Castro. March 2005. (Format:
     TXT=69727 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc4213.txt
4213 Basic Transition Mechanisms for IPv6 Hosts and Routers. E.
     Nordmark, R. Gilligan. October 2005. (Format: TXT=58575 bytes)
     (Obsoletes RFC2893) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc4215.txt
4215 Analysis on IPv6 Transition in Third Generation Partnership
     Project (3GPP) Networks. J. Wiljakka, Ed.. October 2005. (Format:
     TXT=52903 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc4942.txt
4942 IPv6 Transition/Co-existence Security Considerations. E. Davies,
     S. Krishnan, P. Savola. September 2007. (Format: TXT=102878 bytes)
     (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc5211.txt
5211 An Internet Transition Plan. J. Curran. July 2008. (Format:
     TXT=17158 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6157.txt
6157 IPv6 Transition in the Session Initiation Protocol (SIP). G.
     Camarillo, K. El Malki, V. Gurbani. April 2011. (Format: TXT=32492
     bytes) (Updates RFC3264) (Status: PROPOSED STANDARD)
http://www.ietf.org/rfc/rfc6180.txt
6180 Guidelines for Using IPv6 Transition Mechanisms during IPv6
     Deployment. J. Arkko, F. Baker. May 2011. (Format: TXT=49679 bytes)
     (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6219.txt
6219 The China Education and Research Network (CERNET) IVI Translation
     Design and Deployment for the IPv4/IPv6 Coexistence and Transition.
     X. Li, C. Bao, M. Chen, H. Zhang, J. Wu. May 2011. (Format: TXT=44774
     bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6264.txt
6264 An Incremental Carrier-Grade NAT (CGN) for IPv6 Transition. S.
     Jiang, D. Guo, B. Carpenter. June 2011. (Format: TXT=31881 bytes)
     (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6586.txt
6586 Experiences from an IPv6-Only Network. J. Arkko, A. Keranen.
     April 2012. (Format: TXT=52062 bytes) (Status: INFORMATIONAL)
http://www.ietf.org/rfc/rfc6589.txt
6589 Considerations for Transitioning Content to IPv6. J. Livingood.
     April 2012. (Format: TXT=68822 bytes) (Status: INFORMATIONAL)

Getting an Open Nat on XBOX One?

Hi all, first post here.
I'm trying to configure my Xbox One so that I have an open nat type as opposed to the moderate one I have now but have abosuletly no idea on how to go about this. I've followed a few guides, but not made any progress. In terms of hardware, i'm running with a BT HH5 Type A on Infinity Option 2. I know for a fact I'm not on Carrier Grade Nat.
So, any ideas? I'm a bit lost really...

The Home Hub 5 has poor UPnP support. Because of this it is not fully compatible with the xbox one.
There are work-arounds you can try
To tell you how to get round the problem I need to know a couple of things
Do you own more than one Xbox One?
Do you also own an xbox 360?
Do you play Call of Duty Ghosts on the xbox one?
There is a workaround to open the NAT but this wont work for call of duty ghosts.
Go to the Network settings in the xbox settings app then run a multiplayer test. When test is finished press and hold both the triggers and the bumper buttons at the same time to go to detailed stats screen.
When on this screen press A then press A again. Hopefully your NAT should now be open. You sometimes have to do this two or three times though to get the NAT open.
Because of the home hub 5's poor UPnP support though there is no way to open the NAT in cod ghosts using UPnP. You need to forward port 3075 to open the NAT in Ghosts.
This is all a total pain and I keep hoping BT will update the firmware with a fix but i not holding my my breath.
It should be said though that NAT doesn't matter for games that use dedicated servers. So for games like Forza or Titanfall you don't need to worry about NAT. It's only games that use p2p that need the NAT open like COD or assassins creed black flag.

IPv6 / CGN

Hi,
So, with the news that RIPE is about to/has already run out of IPv4 addresses, has BT made any statement about this?
I'm not currently a customer, but I will be getting BT Infinity when I move to my new place in 3-4 months (current place has ADSL provided by landlord, so no hope of moving the account or anything clever).
I'm really worried that BT will charge me the same as everyone else for Infinity, but put me (and other new customers) on Carrier Grade NAT, with all the issues that causes.
Thoughts?
Joe

Keith_Beddoe wrote:
Please see this thread.
http://community.bt.com/t5/Other-BB-Queries/Port-forwarding-only-works-for-BT-customers/td-p/839994/...
But he's already posted in that thread http://community.bt.com/t5/Other-BB-Queries/Port-forwarding-only-works-for-BT-customers/m-p/847150/h...
If you found this post helpful, please click on the star on the left
If not, I'll try again

Cisco ASR 9922 CGNAT VSM Module

Hello,
I want to deploy cg nat 44 on a newly purchased ASR 9922 with VSM module on it.
Test Scenario is like this - 2 different inside one vrf (PRIVATE) and one global will be mappped to
one global outside.I have configured but Interface Service App is not coming up. Please see the configuration and recommend what to do . is there any feature for VSM module with 5.1.2 ?
1. sh install committed
Node 0/3/CPU0 [LC] [SDR: Owner]
Boot Device: mem:
Boot Image: /disk0/asr9k-os-mbi-5.1.2/lc/0x3C0266/mbiasr9k-lc-x86e.vm
Committed Packages:
disk0:asr9k-mini-px-5.1.2
disk0:asr9k-services-infra-5.1.2
disk0:asr9k-mcast-px-5.1.2
disk0:asr9k-mpls-px-5.1.2
disk0:asr9k-services-px-5.1.2
Node 0/4/CPU0 [LC] [SDR: Owner]
Boot Device: mem:
Boot Image: /disk0/asr9k-os-mbi-5.1.2/lc/0x3C0266/mbiasr9k-lc-x86e.vm
Committed Packages:
disk0:asr9k-mini-px-5.1.2
disk0:asr9k-services-infra-5.1.2
disk0:asr9k-mcast-px-5.1.2
disk0:asr9k-mpls-px-5.1.2
disk0:asr9k-services-px-5.1.2
==========================================
RP/0/RP0/CPU0:PO561_CORE_1#sh run
Wed Sep 24 08:24:33.373 UTC
Building configuration...
!! IOS XR Configuration 5.1.2
!! Last configuration change at Wed Sep 24 08:24:10 2014 by admin
vrf PRIVATE
address-family ipv4 unicast
virtual-service enable
virtual-service btribcgn
vnic interface TenGigE0/3/1/0
vnic interface TenGigE0/3/1/1
vnic interface TenGigE0/3/1/2
vnic interface TenGigE0/3/1/3
vnic interface TenGigE0/3/1/4
vnic interface TenGigE0/3/1/5
vnic interface TenGigE0/3/1/6
vnic interface TenGigE0/3/1/7
vnic interface TenGigE0/3/1/8
vnic interface TenGigE0/3/1/9
vnic interface TenGigE0/3/1/10
vnic interface TenGigE0/3/1/11
activate
virtual-service btribcgnat
vnic interface TenGigE0/4/1/0
vnic interface TenGigE0/4/1/1
vnic interface TenGigE0/4/1/2
vnic interface TenGigE0/4/1/3
vnic interface TenGigE0/4/1/4
vnic interface TenGigE0/4/1/5
vnic interface TenGigE0/4/1/6
vnic interface TenGigE0/4/1/7
vnic interface TenGigE0/4/1/8
vnic interface TenGigE0/4/1/9
vnic interface TenGigE0/4/1/10
vnic interface TenGigE0/4/1/11
activate
redundancy
iccp
group 1
mlacp node 1
mlacp system mac 0000.0000.0001
mlacp system priority 1
mlacp connect timeout 0
member
neighbor 172.16.100.2
backbone
interface HundredGigE0/5/0/0
isolation recovery-delay 100
group 2
mlacp node 2
mlacp system mac 0000.0000.0002
mlacp system priority 2
mlacp connect timeout 0
member
neighbor 172.16.100.2
backbone
interface HundredGigE0/5/0/0
isolation recovery-delay 100
control-plane
management-plane
inband
interface all
allow Telnet
ipv4 virtual address 172.16.3.1 255.255.255.0
interface Bundle-Ether1
lacp switchover suppress-flaps 100
mlacp iccp-group 1
mlacp switchover type revertive
mlacp switchover recovery-delay 40
bundle wait-while 0
interface Bundle-Ether1.4
ipv4 address 172.16.4.254 255.255.255.0
encapsulation dot1q 4
interface Bundle-Ether1.5
ipv4 address 172.16.5.254 255.255.255.0
encapsulation dot1q 5
interface Bundle-Ether2
lacp switchover suppress-flaps 100
mlacp iccp-group 2
mlacp switchover type revertive
mlacp switchover recovery-delay 40
bundle wait-while 0
interface Bundle-Ether3
description ****** LINK_TO_3750_1 *****
interface Bundle-Ether3.50 l2transport
encapsulation dot1q any
interface Bundle-Ether11
description ****** LINK_TO_PO65_AGG_1 *****
interface Bundle-Ether11.1
ipv4 address 172.16.1.5 255.255.255.252
encapsulation dot1q 11
interface Bundle-Ether11.50 l2transport
encapsulation dot1q any
interface Bundle-Ether12
description ****** LINK_TO_PO65_AGG_2 *****
interface Bundle-Ether12.1
ipv4 address 172.16.1.9 255.255.255.252
encapsulation dot1q 12
interface Bundle-Ether12.50 l2transport
encapsulation dot1q any
interface Bundle-Ether13
description ****** LINK_TO_PO65_AGG_3 *****
interface Bundle-Ether13.1
ipv4 address 172.16.1.13 255.255.255.252
encapsulation dot1q 13
interface Bundle-Ether13.2
ipv4 address 11.1.1.1 255.255.255.0
encapsulation dot1q 132
interface Bundle-Ether13.3
vrf PRIVATE
ipv4 address 22.22.22.1 255.255.255.252
encapsulation dot1q 133
interface Loopback0
ipv4 address 172.16.100.1 255.255.255.255
interface MgmtEth0/RP0/CPU0/0
ipv4 address 172.16.3.2 255.255.255.0
interface MgmtEth0/RP0/CPU0/1
shutdown
interface MgmtEth0/RP1/CPU0/0
ipv4 address 172.16.3.3 255.255.255.0
interface MgmtEth0/RP1/CPU0/1
shutdown
i
interface TenGigE0/3/1/0
interface TenGigE0/3/1/1
interface TenGigE0/3/1/2
interface TenGigE0/3/1/3
interface TenGigE0/3/1/4
interface TenGigE0/3/1/5
interface TenGigE0/3/1/6
interface TenGigE0/3/1/7
interface TenGigE0/3/1/8
interface TenGigE0/3/1/9
interface TenGigE0/3/1/10
interface TenGigE0/3/1/11
interface TenGigE0/4/1/0
interface TenGigE0/4/1/1
interface TenGigE0/4/1/2
interface TenGigE0/4/1/3
interface TenGigE0/4/1/4
interface TenGigE0/4/1/5
interface TenGigE0/4/1/6
interface TenGigE0/4/1/7
interface TenGigE0/4/1/8
interface TenGigE0/4/1/9
interface TenGigE0/4/1/10
interface TenGigE0/4/1/11
interface ServiceApp1
vrf PRIVATE
ipv4 address 12.12.12.1 255.255.255.252
service cgn btribcgn service-type nat44
interface ServiceApp2
interface ServiceApp3
ipv4 address 23.23.23.1 255.255.255.252
service cgn btribcgn service-type nat44
interface ServiceInfra1
ipv4 address 1.1.1.1 255.255.255.252
service-location 0/3/CPU0
interface ServiceInfra2
ipv4 address 2.2.2.1 255.255.255.252
service-location 0/4/CPU0
interface HundredGigE0/2/0/0
shutdown
interface HundredGigE0/2/0/1
shutdown
interface HundredGigE0/5/0/0
description ***** LINK TO PO561_CORE_2 *****
ipv4 address 172.16.1.1 255.255.255.252
interface HundredGigE0/5/0/1
shutdown
router static
address-family ipv4 unicast
11.0.0.0/24 172.16.3.254
214.16.64.0/24 ServiceApp3
vrf PRIVATE
address-family ipv4 unicast
0.0.0.0/0 ServiceApp1
service cgn btribcgn
service-location preferred-active 0/3/CPU0
service-type nat44 nat1
inside-vrf PRIVATE
map address-pool 214.16.64.0/24
end
RP/0/RP0/CPU0:PO561_CORE_1#
======================
Wed Sep 24 08:24:59.780 UTC
ServiceApp1 is down, line protocol is down
Interface state transitions: 0
Hardware is SEAPP SVI Interface
Internet address is 12.12.12.1/30
MTU 1514 bytes, BW 20480000 Kbit (Max: 20480000 Kbit)
reliability Unknown, txload Unknown, rxload Unknown
Encapsulation service_base, loopback not set,
Last input Unknown, output Unknown
Last clearing of "show interface" counters Unknown
Input/output data rate is disabled.
=================
ServiceInfra1 is up, line protocol is up
Interface state transitions: 5
Hardware is SEINFRA SVI Interface
Internet address is 1.1.1.1/30
MTU 1514 bytes, BW 1024 Kbit (Max: 1024 Kbit)
reliability 255/255, txload 0/255, rxload 0/255
Encapsulation service_base, loopback not set,
Last input never, output 00:00:00
Last clearing of "show interface" counters never
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 3000 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 total input drops
0 drops for unrecognized upper-level protocol
Received 0 broadcast packets, 0 multicast packets
788 packets output, 985000 bytes, 0 total output drops
Output 0 broadcast packets, 0 multicast packets

Hi Tural,
yes, it's a VSM running a 5.2.0 (I've seen it running 5.1.1 too in the past).
Config:
vrf Inside
address-family ipv4 unicast
virtual-service enable
virtual-service CGN
vnic interface TenGigE0/3/1/0
vnic interface TenGigE0/3/1/1
vnic interface TenGigE0/3/1/2
vnic interface TenGigE0/3/1/3
vnic interface TenGigE0/3/1/4
vnic interface TenGigE0/3/1/5
vnic interface TenGigE0/3/1/6
vnic interface TenGigE0/3/1/7
vnic interface TenGigE0/3/1/8
vnic interface TenGigE0/3/1/9
vnic interface TenGigE0/3/1/10
vnic interface TenGigE0/3/1/11
activate
hw-module service cgn location 0/3/CPU0
interface TenGigE0/3/1/0
interface TenGigE0/3/1/1
interface TenGigE0/3/1/2
interface TenGigE0/3/1/3
interface TenGigE0/3/1/4
interface TenGigE0/3/1/5
interface TenGigE0/3/1/6
interface TenGigE0/3/1/7
interface TenGigE0/3/1/8
interface TenGigE0/3/1/9
interface TenGigE0/3/1/10
interface TenGigE0/3/1/11
interface ServiceApp11
vrf Inside
ipv4 address 1.1.1.1 255.255.255.252
service cgn VSM service-type nat44
interface ServiceApp12
ipv4 address 1.1.2.1 255.255.255.252
service cgn VSM service-type nat44
interface ServiceInfra3
ipv4 address 1.4.3.1 255.255.255.248
service-location 0/3/CPU0
service cgn VSM
service-location preferred-active 0/3/CPU0
service-type nat44 nat44-vsm
inside-vrf Inside
map address-pool 11.22.33.0/24
end
We can verify the state of the VM and the version of packages loaded (cgn 5.2.0 ova)
RP/0/RSP0/CPU0:Inter#show virtual-service detail name CGN
Wed Sep 24 22:35:32.456 UTC
Virtual Service CGN Detail
CGN:
State : Activated
Node name : 0/3/CPU0
Node status : Install Mgr Ready, SDR Mgr Ready
UUID : be9eec4e-3fca-56bf-ab08-dc31216825fc
Package information
Name : asr9k-vsm-cgv6-5.2.0.00.ova
Path : /harddisk:/520/asr9k-vsm-cgv6-5.2.0.00.ova
Application
Name : CGv6
Installed version : 1.0
Description : Carrier Grade NAT
Signing
Key type : Unknown Package
Method : SHA1
Licensing
Name : Not Available
Version : Not Available
Activated profile name : None
Resource reservation
Disk : 10000MB
Memory : 32768MB
CPU : 71 (system CPU %)
VCPU : 57
Attached devices
# Type Name Alias
1 NIC net1 net1
2 NIC net1 net1
3 NIC net1 net1
4 NIC net1 net1
5 NIC net1 net1
6 NIC net1 net1
7 NIC net1 net1
8 NIC net1 net1
9 NIC net1 net1
10 NIC net1 net1
11 NIC net1 net1
12 NIC net1 net1
13 Serial/shell None serial0
14 Serial/aux None serial1
15 HDD hda DD_10GB_UM_local
16 CDROM hdc ide0-1-0
17 Watchdog None None
Network interfaces:
Name
TenGigE0/3/1/0
TenGigE0/3/1/1
TenGigE0/3/1/2
TenGigE0/3/1/3
TenGigE0/3/1/4
TenGigE0/3/1/5
TenGigE0/3/1/6
TenGigE0/3/1/7
TenGigE0/3/1/8
TenGigE0/3/1/9
TenGigE0/3/1/10
TenGigE0/3/1/11
Resource admission (without profile)
Disk space : 10000MB
Memory : 32768MB
CPU : 100% system CPU
VCPUs : 57 (sockets:3 cores:19 threads:1)
RP/0/RSP0/CPU0:Inter#
ServiceApp and ServiceInfra status:
RP/0/RSP0/CPU0:Inter#sh int serviceapp11 brief
Wed Sep 24 22:35:47.038 UTC
Intf Intf LineP Encap MTU BW
Name State State Type (byte) (Kbps)
SA11 up up service_base 1514 20480000
RP/0/RSP0/CPU0:Inter#sh int serviceapp12 brief
Wed Sep 24 22:35:54.034 UTC
Intf Intf LineP Encap MTU BW
Name State State Type (byte) (Kbps)
SA12 up up service_base 1514 20480000
RP/0/RSP0/CPU0:Inter#sh int serviceinfra3 brief
Wed Sep 24 22:36:02.501 UTC
Intf Intf LineP Encap MTU BW
Name State State Type (byte) (Kbps)
SI3 up up service_base 1514 1024
RP/0/RSP0/CPU0:Inter#
Best regards,
Nicolas.

The service provided by the Samsung SCH-LC11 Mi-Fi device, and/or the 4G LTE service, is unusable.

I got the Samsung SCH-LC11 Mi-Fi device and 4G LTE service from Verizon about one week ago here in the Chicago area.
(Note: the first thing I did was update to the latest firmware (EF07) per the Samsung website.)
I am using it with my AT&T iPhone 4 with "Cellular Data" on the phone turned off completely.
I ran all the speed tests, 10 megabit up/down, wow, great.
Unfortunately, there are at least two major problems with it:
1) I noticed almost immediately that push emails stopped coming to my iPhone after a few minutes.
After looking into this in more detail I realized the following:
   a) The modem inside the Mi-Fi device is being assigned a 10-Net / "carrier-grade NAT" IP address, not a real Internet IP address. Fine, I don't really care as long as it works. I am not trying to use a VPN, or do VoIP, or run some webcam somewhere. In other words I'm not a "revenue leak" in Verizon "parlance" (I worked at Motorola during the OBEX fiasco days), but it's nice to know I'm being treated as such right off the bat.
   b) The "carrier grade NAT" appears to have a TCP timeout of no more than two minutes. I verified this by opening a telnet session to somewhere and not typing something for two minutes. After the two minutes I typed another character, but it never got echoed back and the connection was dropped. After waiting only a minute and a half, it lagged a little but sprang back to life.
   c) Problem is, push email relies on having an open TCP connection that is idle the vast majority of time. When an email comes in, the Exchange ActiveSync server sends a message back out to the device (over the existing connection) saying the mailbox has changed. Unfortunately, after two minutes of idle, the "carrier grade NAT" has dropped the translation entry a long time ago, so the connection is dead.
So I emailed support about this. (the ticket is "WFM87599752").
In the first round they told me to go look in the device's settings @ http://192.168.1.1. Yeah, did that already.
In round two, they blamed the dormancy timer. That's obviously not it, since the modem is layer two and knows nothing about TCP at all. Just to be sure though, I performed the test again, but this time I had a DOS window pinging Yahoo repeatedly so the modem wouldn't become dormant. Problem still happened. I saved the Wireshark PCAP here so anyone can see: http://home.comcast.net/~abcbwtxyz/two_minutes.pcap Frame #339 is where I try to type again, never to hear back.
2) The other problem is that as soon as a second person connects to the Mi-fi device over Wi-fi, the first person gets dropped almost immediately, and can't even reconnect again afterward. I mean, really? Made this video to illustrate: http://www.youtube.com/watch?v=Iadz4DGXFRM
So, can someone help? I know I'm not the only one having these problems; I sent the support alias the following links just as examples, there are many more:
http://himself.wordpress.com/2011/04/30/verizon-wireless-issuing-private-ip-addresses-to-3g-customers-class-a-nat-joy-and-gross-ineptitude-verizon-wireless-3g-fraudulent-enticement/
http://www.broadbandreports.com/forum/remark,26067018
http://www.droidforums.net/forum/droid-x-tech-support/101185-droid-x-verizon-3g-assigning-10-nat-ips.html
-Chris

So just to follow up on this. I called to cancel today. The CSR wanted me to talk to tech support about my problems and talk me out of cancelling so I said fine. Summary of conversation:
1) Immediate acknowledgment that the two minute timeout of idle connections is by design, and no dispute that it breaks push email.
2) Disagreement with the claim that a second person logging on kicks off the first, even though I offered proof. Dismissed my point that other people have seen the same exact thing, saying that if you look up problems other people are having on the Internet, people say anything and everything.
Anyway, I continued with the cancellation; to their credit, they waived the activation fee and credited me for "time served", so I won't owe anything. I did appreciate that.

BREAKING NEWS FOR PORT FORWARDING ISSUES - WHO IN ...

Hi there,
I'm Cisco engineer who can't port forward! No matter what I try. I've never had this prolem before. I read today that BT are puttnig users on a NAT trial. I really suspect I and others are on this trial. The fact that even in a DMZ I can not see any ports open, suggests to me that I am on this trial.
http://www.thinkbroadband.com/news/5818-bt-retail-in-carrier-grade-nat-pilot.html
Now I have tried calling BT. Oh god how I have tried but for the sake of my health and sanity, I can't subject myself to it anymore.
Any wiser? How do I get BT to remove me from this trial?
Solved!
Go to Solution.

If you were on the trial the IP your router reports would be different to the one that you see if you go to, for example, www.ipchicken.com
Is this the case?
If not then you are probably doing something wrong, Cisco engineer or not
Tom - Mouselike

Help with dmz or port forwarding on Verizon Jetpack 4G LTE Mobile Hotspot 890L

I really need help with this I want to play gta v but I have strict nat type on ps4 and everytime I go to the dmz on the ip website it shows the ip and the other side shows add and a dot I click on my ip and click apply but it tells me delete this ip but it also won't even let me delete the ip

You may wish to ask this question over at the Verizon Wireless forums: https://www.verizonwireless.com/community . This community is for DSL and FiOS support, not LTE hotspot support.
Be aware, Verizon Wireless uses Carrier-grade NAT, and your Hotspot also performs NAT. Game consoles do not like being behind Double NAT. Depending on how your hotspot is set up on the back end, you may only be able to achieve Moderate NAT / NAT 2 on the hotspot. If your hotspot has a public Internet IP, you should be able to hit Open NAT.
========
The first to bring me 1Gbps Fiber for $30/m wins!

Why is browser ip address different than network ip address?

Trying to use remote access from home to my server computer at work (small salon running a management software called STX Salon Transcripts) and used to look for my server ip address using what's my ip.com, which gives me an ip that hasn't been working--now I find an ip in my network settings that's completely different... Server computer is plugged into the internet directly to the modem...

Not enough information.
Was this ever working for you?
Does the service provider at work claim to provide a static IP address?
Are you accessing what's my ip.com from the server at work?
Is either of the addresses involved in the ranges that RFC1918 defined as private (10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, or 192.168.0.0 - 192.168.255.255)?
Is either of the addresses involved in the range that IANA reserves for carrier-grade NAT (100.64.0.0 - 100.95.255.255)?

ASR9001 NAT or CGN

Hello..
Does ASR9001 supports NAT or CGN???

No. NAT/CGN is supported via ISM card which is not supported on ASR9001 (no space to fit :-)).

Berkeley DB Oracle Open World Sessions

Oracle Open World is going to be on Sep. 21 through 25 at the Moscone Center in San Francisco. You can register here.
If you're already registered, you can pre-enroll for any of these Berkeley DB sessions:
S298846: Hands-on Lab: Lightning-Fast Java Object Persistence Using Oracle Berkeley DB Java Edition (Sun 9/21, 10:30)
S299649: Panel: Choosing the Right Embedded Database for Your Application (Microsoft/TriCipher/Actuate, Mon 9/22, 13:00)
S299631: Oracle Berkeley DB XML in MapGuide Open Source and Autodesk MapGuide Enterprise (Autodesk, Mon 9/22, 14:30)
S299709: A Fully Customizable Point-of-Sale System at FEC, Using Oracle Berkeley DB (Firich Enterprises, Mon 9/22, 17:30)
S299654: Carrier-Grade Applications Using Oracle Berkeley DB (Adaptive Mobile, Tue 9/23, 17:30)
S298845: Accelerating Application Performance with Oracle Berkeley DB (Riverbed Technology, Wed 9/24, 17:00)

[http://orana.info/]
[http://www.rittmanmead.com/blog]
[http://www.livestream.com/openworldlive]
twitter @oracleopenworld, @oracletechnet, #oow09

Carrier Grade NAT (CGN)

Similar Messages

Maybe you are looking for