Skip to content

CG-NAT and Why You Might Want to Opt Out

  • by

Summary:

CG-NAT (or Carrier Grade Network Address Translation) is a technique that ISPs and mobile operators use to share IP addresses between multiple users.

It allows more people to connect to the internet than would be possible if everyone had their own address.

However, with CG-NAT your connected device can’t be directly found on the internet. This can cause connectivity problems for some applications. In this case many ISPs will allow you to opt out and have your own unique IP address.

What Problems Does CG-NAT Cause?

Because you don’t have your own public internet address its not possible for you to be found if you are hosting a service. This includes, web servers, email servers, and some multi-player games.

If you are hosting email or websites at home then you are unusual and probably well aware of the issues and what to do about them.

But a lot of people are into gaming and may not be aware of what’s going on and why things don’t seem to be working.

There are also some VPN (Virtual Private Networking) systems that won’t work well or at all with CG-NAT. This includes some corporate remote access systems.

Some of this can be quite confusing for a lot of people. Particularly if something used to work well and then mysteriously stopped working. This can happen if an ISP the used to provide a public address to each customer changes to using CG-NAT to conserve addresses as they expand. Although the ISP may have told people what they are doing it doesn’t help if they don’t understand the implications.

Its always problematic if an ISP changes something that has been working. Its much better practice to leave working systems as they are and only introduce the new arrangements for new services.

Can I Opt-Out of CG-NAT and How?

Many ISPs will provide a way for you to opt out of CG-NAT and get your own public internet address.

You often need to provide a reason. This should be fairly simple such as I want to run a web server, or my game doesn’t work. But of course you need to know that there is something wrong and what to ask for.

This is tricky for many people. I’m sure there are many out there who are having problems and don’t know why. They may even change ISP if they simply think their ISP is broken…. And in a way they may not be far off if the ISP hasn’t been helpful in effectively explaining whats going on.

So, if you are having problems with something like a game or a VPN not working it probably worth considering whether CG-NAT is in use and to ask to have it turned off.

How You Can Tell if You Have CGNAT

If the address on the WAN, or external port of your router is different to the internet seen by the rest of the world on the internet then your ISP has translated your address to a shared one using CG-NAT.

You can check what address you are using as seen by the rest of the world by doing a Google search for what is my IP address. Compare the result with the address shown on your router WAN port.

To find out your router WAN address you will need to log into your router control interface. The details will vary with router manufacturer and model. But the basic principle is to look for WAN address or Internet address. Check your router handbook or help if its not clear.

If your ISP is using both IPv4 and IPv6 addresses then when you do the Google search you will have to specify that by searching what is my IPv4 address. Because if you don’t Google will return the IPv6 result.

You should not ever come across CG-NAT for IPv6 as it isn’t necessary.

Why We Need CG-NAT

There aren’t enough IPv4 internet addresses for everyone and so we need a way to share them so that everyone can connect. CG-NAT allows us to do that.

The internet is intended to be an internetwork of peers. Which means that every device can address data to any other device. To do this every device needs a unique address so that it can be found on the internet.

However, the original version, IPv4, only has about 4.3 billion unique addresses. It’s nowhere near enough for everyone let alone every device to connect. So, there is a need to provide some technique for address sharing.

Most people have been sharing addresses in their homes with normal domestic routers.  One public internet address per customer is shared between multiple devices.

With CG-NAT the ISP is also sharing each public address between multiple customers. In this case the customer doesn’t get a public address. It allows an ISP to deliver service to more customers than they have unique addresses for.

This may sound like a flaw in the original design. But that is not the case. The IPv4 protocol was only intended to be temporary to gain experience while a permanent long term solution was designed. The  transition to the new IPv6, which has a vastly greater number of addresses, has for various reasons taken longer than originally envisaged.