If ever you wondered what is CGNAT, or what do those acronyms mean Today we are going to solve those doubts. We are not only going to show you what it means, but also we will see its usefulness and purpose today with ADSL and fiber optic connections, which is in more homes every day.
Due to the current lack of public IPv4 addresses, it is necessary to use CG-NAT technology by the different operators. In Spain, companies like Masmóvil, Yoigo and Pepephone make use of this technology.
If your operator uses CGN in its ADSL connection or in its optical fiber, you will not be able to host services as it cannot open ports. But we are going to explain in a simple way some concepts so that you can understand it correctly and draw your own conclusions.
What is CG-NAT?
The simplest definition that we can make of these acronyms is the following: CGNAT stands for Carrier-grade NAT, a protocol used to extend the lifetime of existing IP addresses.
As we say, CG (Carrier Grade) is a technology that allows the operator to bring the NAT technology found in the router of our homes, directly to the networks and that will not depend on our router. I know, it is not very easy to understand.
NAT (Network Address Traslation) allows us to use the same public (external) IP address for multiple private (internal) IP addresses at the same time.
NAT technology has been in use for a long time in all networks. Due to the scarcity of IPv4 addressing, we could not have a multitude of public IP addresses in our home, for example.
For this reason, thanks to NAT technology, to host a specific service on a local network, the router had to be configured first, to perform what we call "opening the ports" on the router and thus gain speed or data transaction in our connection. .
To do this, you have to select one of the internal ports, another external one, select private IP and also the so-called transport layer protocol (TCP or UDP). In this way, any user from the Internet will be able to access the service that we have active through the router.
Or put another way, The Internet connects millions of computers every day, but the number of addresses that exist are limited for each computer. That is why the protocol that was used and is currently being used, IPv4, was not enough to cover the demand for Internet access services.
Therefore, The IPv6 protocol was created, but in the beginning the migration to this protocol was not easy for the operators, since it was not possible to navigate in a large number of web pages, since they were not prepared.
Due to these drawbacks, large-scale NAT or CG-NAT was designed, a solution that allows several computers to connect to the Internet using only one IP address. This tool makes it possible for networks to work with private network addresses and be redirected to public ones by means of translation equipment that is located between the user and the internet.
Operators like Yoigo, Masmovil or Pepephone, and some others like Jazztel, use this technology for some of their clients. Thanks to CG-NAT, companies with multiple computers connected simultaneously will be able to connect to the Internet using very few IP addresses.
Operators such as Masmovil, Yoigo or Pepephone use it on their mobile phone lines, this is so because we do not have an FTP server on the phone. But when we refer to our home and to fiber or ADSL it is different.
In the normal use of a user it will not present problems, but we can find some problems in some services. This is so because they can expel us from their servers if they detect that the IP used is already active, or directly deny us access.
Since we share a Public IP we will not be able to access the router to open the ports (Port Forwarding), due to this it will be possible to establish any service in the local network. If you want to use an FTP server, use a NAS, etc. we will not be able to do it.
And this is so, because the WAN IP is not public. The router therefore loses part of its service and becomes a router with minimal services, since it is the operator who will control most of its functions.
How do you know if you have CGNAT?
If you are a regular player, you may be affected by it, and you may notice problems in online games, it will not be a significant problem, but it may limit you in their development.
Therefore, we are going to check if we have the CG-NAT protocol active in our Internet connection. For this we must examine the WAN IP of our router. If you make sure that your IP is not public, it is very likely that you have a CG-NAT service.
Another option to check if you have this service is to perform a traceroute (or tracert). If you have already verified that your IP address is public (you can find out your IP by pressing here), you must open the command prompt in Windows, pressing the Windows key, now in the search engine type "cmd" and press the Enter key.
Now write "tracert (followed by your IP address with a space between them)"
If the trace has only 1 hop, it means that you have a public IP, if on the contrary you have two hops, it means that you are in CG-NAT.
Thanks to these two simple tricks you will be able to know at any time If the operator you have contracted provides you with a public IP, or yet you have a CG-NAT assigned.
It seems that its use, or being under a connection of this type is the worst, but it also has its benefits, since it gives us an extra security, since prevents any malicious user from accessing the devices that you have connected to your router. Well, it does not allow any user to initiate an external connection on a computer connected to your own router.
In fact, for the police destined to investigate cyber crimes, the use of this technology is a problem, since when investigating the possible crime, they find the problem that if they are using CG-NAT, they come across dozens or hundreds of users sharing the same IP.
Therefore, those users whose operators use CG-NAT they cannot be clearly identified. Putting the authorities fighting against the Dark Web, and what surrounds it.
What operators use CG-NAT?
The Más Móvil operator was one of the first to incorporate CGNAT into its networks back in 2017. As far as we know, Yoigo or Pepephone include this technique by default in fiber optic contracts and in ADSL2 + services. But do not worry too much, with a call requesting the exit of this type of connection, in just one day you will be out of it.
Jazztel is another company that uses CG-NAT for the fiber optic connections of some of its clients. As with the previous company, by making a call to their customer service and the pertinent request, you can abandon this service in the event that you need a public IP address to host services.
As you can check the output of this type of connection and service, it is easy, and they do not put any type of impediment.