On Sat, Aug 3, 2019 at 11:30 AM JORDI PALET MARTINEZ via NANOG < nanog@nanog.org> wrote:
> which again is not the case for 464XLAT/NAT64. Each user gets > automatically as many ports as he needs at every moment.
Unless all the ports are used up.
-> That's right, but you need to calculate a sufficient number of IPv4 addresses for your pool
I view it as an operative benefit of MAP that it is very stable in regards what happens if the ports are used up. This will never affect other users, as it could with old fashioned CGN. And in fact, there is almost nothing that could affect MAP but plenty of things that could go wrong with your CGN. In the case a user has a problem with too few available ports he will contact our support. They will either advise him on what he can do to use less ports (example, tell the user to do less bittorrent). Or they will tell the user about the option of using IPv6 for his purpose or that he could pay for a dedicated non shared IPv4 address. But they would never need to escalate to have anything done to the non-existent CGN. Some might not like it, but this is very sound from a business perspective. Even the case of a DDoS attack. For my scheme with 16 users sharing an IPv4, the attack could affect all 16 users. For CGN it is usually many more. Or the case of Playstation network. Yes they WILL blacklist your CGN just the same as they can blacklist a shared MAP ip address. Except it affects more users. There is some advantage in having less dense usage of the address space. As a site site probably has less than 1 out of 16 chance of blacklisting someone, our support staff can solve a problem for a customer by simply moving him to a different shared IPv4 - they could not do that for a CGN solution, or if they could, the alternative would also be blacklisted. Regards, Baldur