Carrier-Grade Network Address Translation is a network mechanism through which many Internet subscribers can share the same IP address. This has lead some to presume that as a result the online tracking of file-sharers might become more difficult for rightsholders. Not so, says a leading ISP.
IPv4 internet addresses are a finite resource and in Europe in particular have almost completely run out. This has led ISPs to look at options for using the IP addresses they have to serve more customers.
One of the solutions is known as Carrier-Grade Network Address Translation (CGNAT), which in basic terms offers a similar function to that provided by the network routers people have at home. Domestic ISP accounts have just a single allocated IP address but many users are able to share it due to the NAT abilities of the router.
CGNAT, on the other hand, is installed at the ISP level, meaning that many of the ISP’s subscribers can access the Internet using the same IP address as each other. This has lead some to question whether this offers an extra level of security to individuals looking to share files online. After all, if many users have the same IP, won’t it be hard for rightsholders and ISPs to say who any culprit might be?
According to BT, a leading UK ISP currently testing CGNAT, pirates can still be identified, providing rightsholders provide some key items of information.
“The technology does still allow individual customers to be identified if they are sharing the same IP address, as long as the port the customer is using is also known,” a BT spokesperson told Outlaw.com.
The ISP said that although IP addresses are shared, the combination of IP and port is unique. This information – along with a timestamp of the alleged activity – is enough to identify a unique subscriber.
“With CGNAT our broadband network ‘translates’ the source IP address on the Hub to a shared IP address, and also translates the ports being used to one within a unique block, from the 65,000 IP addresses ports available. This block is assigned for that user and that user only. We log this translation i.e. the shared IP address assigned, the block of ports and the time.
“If we subsequently receive a request to identify someone who is using IP address x, and port number y, and time z we can then determine who this is from the logs,” BT conclude.