|
|
|
I expect two FTTP providers to cover my address by the end of this year - Jurassic Fibre who use CGNAT(no IPv6 currently) and Openreach who use PPPoE(AFAIK). What are the pros and cons of CGNAT vs PPPoE? Is it worth going for Openreach to avoid CGNAT?
|
|
|
I expect two FTTP providers to cover my address by the end of this year - Jurassic Fibre who use CGNAT(no IPv6 currently) and Openreach who use PPPoE(AFAIK). What are the pros and cons of CGNAT vs PPPoE? Is it worth going for Openreach to avoid CGNAT?
To a degree it depends what you use your connection for.
CGNAT (especially without IPv6) is problematic for several reasons. Firstly, it's hard to do any sort of inbound port forwarding to servers on your own network. Secondly, you could be falsely accused if you are sharing an IP address with someone else who is misbehaving.
On the other hand, there are no real "cons" to PPPoE: it's the standard way of delivering broadband and it works well. You may want to enable "baby jumbo" frames to get full MTU 1500. That's it really.
Some badly-implemented routers perform poorly with PPPoE at gigabit speeds: hence either use the ISP-supplied router, or choose your device carefully. If your connection is 300M or less then this is very unlikely to have any effect at all.
Finally, note that Openreach don't "use PPPoE". It's the ISP which runs over Openreach which may or may not use PPPoE. For example, if you buy Talktalk or Sky FTTP via Openreach, then you will be using IPoE not PPPoE. Openreach just passes the ISP's ethernet frames through transparently.
|
|
|
|
Thanks for that.
Jurassic have excellent feedback on Trustpilot, low prices, fast speeds and 30 day rolling contracts as standard(can't stand 18 month plus contracts with early termination fees). However I am the kind of person who may require an actual IP in the future.
As for someone being misidentified under CGNAT surely that's not possible(unless by accident)? ISPs have to accurately log connections against users whether it's CGNAT or not CGNAT.
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
|
You can buy the AAISP L2TP service for £10 per month, and run it over your JF connection. It is limited to 100Mbps but that may be fine for any inbound services you want on a static IP. And you'll get an IPv6 block too.
CGNAT and logs? Most servers don't log the source port number of incoming connections, which makes it harder to associate with a specific CGNAT log. However in practice it's probably not a major concern, and indeed mobile providers have been using CGNAT for years.
Having your traffic go through additional levels of NAT isn't great for performance, and it may work at all if you are using IP protocols other than TCP or UDP; but the vast majority of people will only ever use those protocols.
It's horses for courses. There are some Openreach-based providers who sell FTTP on short contracts too, but your choice is quite limited.
|
|
|
|
Guilt by association: far more likely is if someone sharing the same CGNAT address has been naughty, then then the shared CGNAT public facing IP will get blacklisted. Which then causes headaches acceding certain websites and resources.
|
|
|
|
>There are some Openreach-based providers who sell FTTP on short contracts too, but your choice is quite limited.
Can you name a few FTTP ISPs that do this? I've tried looking for short contracts before but didn't turn up anything.
|
|
|
|
ISPs with monthly/30-day terms for FTTP
- Cuckoo (Openreach)
- Giganet (only CityFibre currently)
- IDNet (both Openreach & CityFibre)
- Pulse8 (Openreach)
|
|
|
|
It's always worth avoiding CGNAT if only to not have CAPTCHA interstitials popping up when trying to do things like use Google.
The "problems" that PPPoE causes are wildly overstated within the more technical minded of the UK community, and usually amount to throughput issues on underpowered routers. The equipment that an ISP supplies will always be able to do line speed PPPoE so it's a non issue really.
|
|
|
...CGNAT vs PPPoE
It isn't an either/or question. ISPs could deploy CGNAT to eke out their IPv4 addresses regardless of the delivery being PPPoE or IPoE.
|
|
|
CGNAT and PPPOE are not an "or". You can have CGNAT with PPPOE or without it.
The cons of CGNAT is going to be you are sharing an IP address with other people which increases the risk of been blacklisted on sites, prevents use of port forwarding, uPNP, so might have issues gaming. There isnt a pro for the end user unless you consider it a potential privacy advantage, but realistically CGNAT isps probably can still track traffic to specific customers.
PPPoE is quite old, and not used as much outside of the UK, which has led to stagnated development of PPPoE software, on a lot of open source devices it might mean that its not multi threaded which can limit throughput. It also without baby jumbo frames cannot handle a 1500 byte MTU. The pros of PPPoE are for the isp side, it makes wholesaling much easier hence its heavy use in the UK.
You can achieve gigabit performance on PPPoE on BSD but you just need to make sure the CPU is good enough, a recent'ish intel with at least 2ghz turbo clocks should be enough. (make sure to disable CPU mitigations).
|
|
|
The pros of PPPoE are for the isp side, it makes wholesaling much easier hence its heavy use in the UK.
Doesn’t really make wholesaling any easier (or harder). Case in point is Openreach which supports both IPoE/DHCP and PPPoE equally on its GEA network. It’s ready down to ISP choice.
|
|
|
It's always worth avoiding CGNAT if only to not have CAPTCHA interstitials popping up when trying to do things like use Google.
I've never had CAPTCHA interstitials for things like that thanks to CGNAT. Not on Three, EE or Starlink.
The only time I ever run into them is the rare occasions I use Tor.
|
|
|
I expect two FTTP providers to cover my address by the end of this year - Jurassic Fibre who use CGNAT(no IPv6 currently) and Openreach who use PPPoE(AFAIK). What are the pros and cons of CGNAT vs PPPoE? Is it worth going for Openreach to avoid CGNAT?
FWIW, Jurassic uses PPPoE too - just that on residential connections you don't see that information as the router is managed by them.
|