How can we limit the negative impact of carrier grade NAT technologies and boost IPv6 adoption?
12th Internet Governance Forum
18 Dec 2017 08:00h - 21 Dec 2017 17:00h
20 Dec 2017 11:45h - 13:15h
[Read more session reports and live updates from the 12th Internet Governance Forum]
Moderator Mr Richard Leaning, External Relations Consultant, RIPE Network Coordination Centre (NCC), ppened the panel which sought to discuss how the Carrier Grade Networks (CGN) and IPv6s impact each other’s implementation.
Mr Ron Da Silva, Member of the Board of ICANN outlined how the Internet and the Internet Service Providers (ISP)s rely on unique IP address for data transfers and identification. The issue is that IPv4 addresses which number 4 billion, are running out as one is required for each device. With IPv6 there would be sufficient numbers for the foreseeable future, but IPv4 and 6 are incompatible which means that until everything is available at IPv6, there is a need for dual-stacking or keeping both at same time. To conserve the amount of addresses, service providers are increasingly pushing towards using devices like routers. He said Carrier-grade NAT (CGN) makes law enforcement measures more difficult as they are unable to trace the IP address back to the individual user. Da Silva concluded that due to CGNs, the attribution becomes more difficult than before due to larger population of cases.
Mr Jan Zorz, Operational Engagement Programme Manager, Internet Society, highlighted the technical nature of IPv6 and CGNs. ISPs network architects are seeking to shift who has responsibility for issues. CGNs provide security while delaying problems in the roll out of the IPv6, but place end-users potentially behind a locked community. A locked community is detrimental to innovation by limiting the applicability of new innovations due to making end-to-end sharing harder. Hence, CGNs are a ‘life-support’ measure to the IPv4. He concluded that indeed the CGN does have the security problem which can be addressed if ISPs will start logging their source ports, but this can make the ISP legally responsible.
Mr Greg Mounier, European cybercrime centre, EUROPOL, pointed out that the current three-staged online investigation relies on the ability to follow IP address but with the increasing amount of CGNs and with the increasing amount of users covered, it is becoming difficult to undertake investigative actions based on legal measures. This is especially the case with mobile connections which in almost all cases are routed through CGN. Mounier pointed out that going through a large number of addresses would also violate the privacy of individuals. As such, he concluded that CGN harms online accountability while complicating all forms of criminal investigations.
Mr Ronny Vaughn, Proximus, highlighted that the ISPs need CGN and that while the IPv6 could resolve the issue, the problem is the limited amount of content using IPv6. As such providers are adopting GCN and then back-tracking due to social responsibilities to customers and society. As such providers have adopted a voluntary code of conduct which limits the amount of CGNs which contributes to ramping up of IPv6 due to the limited utility of CGNs. Vaughn pointed out that the new infrastructure might, according to him, ease the transition to IPv6. He concluded that by providing more IPv6 content ISPs might be more incentivised to move to IPv6.
Mr Daniel Obam, National Communication Secretariat of Kenya, as a government representative, outlined that governments are seeking to push ISPs to adopt IPv6 through recommendations and voluntary mechanisms via multistakeholder groups and coordination. Governments can also help with this via procurement policies. He concluded that without wider participation in the IPv6 implementation process, there is a risk of localisation and forgetting those smaller communities which are still using IPv4 who run the risk of losing content, hence dual-stacking should still be in consideration.
Mr Paul Wilson, Director General, Asia Pacific Network Information Centre, APNIC, pointed out that while the IPv6 is the exit strategy for GCN, it was not implemented as quickly as initially expected. As such, IPv6 capability is globally still limited with a variety of countries leading the implementation, largely due to national initiatives and policies. After presenting multiple country specific statistics, the speaker concluded that based on the Sigmoid curve of technological expansion we are likely to see a large increase in IPv6 distribution during the next 5 years.
Leaning pointed out that while policy can help, it is not a solution due to the importance of business and civil society led operations. Private ISPs have incentives to implement IPv6 as it is cost-saving compared to CGN which require constant investment to keep up-to-date.
By Arto Väisänen