Carrier Grade NAT refers to an implementation of NAT444. What distinguishes this implementation is that the customer is given an IP address (or several) from within a private or shared range managed by the ISP, which is itself address-translated to a small pool of public addresses.
Hence, a customer's home network (IPv4) is translated to a provider's private network (IPv4) and again to the public Internet at large (on IPv4): NAT444.
Algorithmically it's the same network address translation you do at home, but if you were to stack two NAT-routers on top of each other to build a double-NAT at home you'd be a damn fool. When the provider does it, it gets a fancy name.
And even worse, there's no way for either end to tell - unlike IPv4 where if your local IP is in the reserved range, you can pretty much assume NAT, with IPv6, you can get a route check and get a valid IP for the 'net (the machine will also have a link-local and maybe a reserved address as well, hence doing a route-check and figuring out which IP you will be using), and not realize that you still can't communicate.
If, if business or network requirements mandate the use of NAT66 for reasons that can't be worked-around with other, more sensible approaches, then local hosts should exclusively use addresses from the Unique Local Address space. It's like private IPv4 addresses, only with near-zero chance of collision if different domains interact (like VPNs, organization mergers, or leaking of private addresses onto public spaces). A host with (seeming) internet connectivity that has an address in a ULA range must obviously be behind address translation.
Besides, what really breaks devices isn't NAT so much as many-to-one NAT. If (again, for some bizarre reason) an organization chooses to implement NAT66, then they should be using many-to-many NAT, where each internal host still maps to a unique -- but not predictable -- public address. If the public address is rotated every few minutes/hours for new connections (like already happens with stateless autoconfiguration + privacy extensions), then it will be impossible for an attacker to track hosts over the long-term.
I never really understood why we didn't just map all the IPv4 addresses to a IPv6 subset and provide a very simple rule to translate, say by adding all zeros or some other number to the IPv4 address to get its IPv6 one.
We can do that; for legacy reasons IPv4 addresses can be embedded perfectly in the IPv6 space. However, there's no way to do so and ensure compatibility, because an IPv4-only application will simply be unable to handle IPv6 addresses. For IPv4-only applications (on either endpoint) to work on an IPv6 connection, some device in between has to translate the network addresses, or some anagram thereof.
From the perspective of the IPv6-end of things, this is a solvable problem. NAT64 effectively allows a router to proxy the entire IPv4-space, allowing a 6-only host to more-or-less transparently deal with IPv4-only hosts. DNS64 also proxies the DNS records to construct suitable (NAT64-based) addresses for hosts with only A (IPv4) DNS records.
The problem of IPv6 adoption is a classic chicken-and-egg. The differing address lengths mean that compatibility for IPv4-hosts must be broken; the pigenhole principle means that there literally cannot be a stateless mapping between IPv4 addresses and IPv6 addresses, even ignoring the traditional NAT problems of addresses-in-protocols. Some kind of translation intermediate will be necessary until we can finally turn off the IPv4 lights.
If we're to assume that Nokia's goal is to sell a dominant phone platform, rather than a very niche product, these reported sales figures are underwhelming.
ISPs don't want to do carrier-grade NAT, because then they have to maintain carrier-grade NAT.
CGN is a stateful protocol, meaning that each of their implementing-boxes needs to maintain and process state for each data flow to or from your devices. That's no big deal for a single home, but it's a problem for a carrier. If the boxes are too far towards the customer-end of their network, they will be small but they will also be numerous, making maintenance more frequent. If the boxes are too far towards the core of their network, an ISP will only need a few, but the hardware requirements are much heftier to provide acceptable performance. (Already, bittorrent can saturate some of the cheaper home routers).
Simply routing packets is technically far, far easier than running network address translation. Even ISPs that use deep-packet inspection have the option of turning it off if things go wrong -- the network fails open. Carrier grade NAT doesn't have that option.
If DNS/DHCP is so difficult, then you can do exactly the same address assignment with ipv6 that you do with ipv4: give out a static
If you want to be really short, then generate an unique local prefix (/48) for your test networks, and subdivide from there according to whatever scheme you want, like fd8a:db80:db80:building:floor::[machine]
That won't work in the long-term. The problem with carrier-grade NAT is that the ISPs have to... maintain carrier-grade NAT.
Network Address Translation is a stateful protocol, and it's orders of magnitude more expensive to maintain connection tracking on a per-connection basis for your customers than it is to simply route packets between networks. Even ISPs that use Deep Packet Inspection have the luxury of looking at selected traffic flows; carrier-grade NAT has to cover everything or it doesn't work.
shared university general purpose math servers, and the like.
Not even then. I've accidentally killed computing nodes before by overloading system memory with job submission. Technically the system doesn't die, but swap-storms made it so unresponsive that the sysop had to get to the physical console to reboot.
For the presidency, the US has a double first-past-the-post system for a single seat. Electing a minor party requires winning a majority of a pluralities: a plurality in enough states to get an electoral college majority. That's a very tough task, somewhat harder than trying to elect a Green party candidate nationwide if all Canadians voted for a single "Prime Minister Seat."
Parliamentary systems like Canada also do more to encourage minority parties at the per-seat level, for a few reasons:
I've read through the New Journal of Physics article. The ``radio vorticity'' means that the phase of the signal goes through a 180 flip across the beam centre, and the zero-point of this phase shift rotates as you move along the beam. The receiving antennas in the experiment were a pair of yagis, used to create a radio interferometer. The math and experimental results behind this appaer sound, but there are a few limitations:
So for controlled channels -- perhaps even microwave links -- I'm optimistic about engineers being able to build something useful out of this. But the basic math isn't going to generalize to omnidirectional links, and it certainly isn't going to deal well with strong multipath interference. Simply being able to discriminate between modes requires straddling the beam centre, so this absolutely isn't going to work for general consumption.
Also, I don't think that practical antenna design will ever allow more than three or four channels of angular momentum outside of a lab setting. Even that may potentially be a huge win for fixed microwave links, though.
Since the energy is only required when information is erased, reversible computing can get around this requirement. Aside from basic physics-level problems with building these logic gates, the problem with reversible computing is that it effectively requires keeping each intermediate result. Still, once we get down to anywhere close to the kT ln 2 physical constraint, reversible logic is going to look very attractive.
In short, the paper repeats analysis and numerical simulations of a simplified 'agreement model'. People are abstracted as nodes on a graph, communication happens between them, and consensus is reached. If a graph is initialized randomly, with nodes 'believing' either A or B, eventually (in log(N) time) the graph reaches consensus with every node 'believing' A xor B.
This paper adds a twist; some fraction of nodes are 'committed' to A, and cannot ever be convinced of B. To quote the paper:
Here, we study the evolution of opinions in the binary agreement model starting from an initial state where all agents adopt a given opinion B, except for a finite fraction p of the total number of agents who are committed agents and have state A. Committed agents, introduced previously in , are defined as nodes that can influence other nodes to alter their state through the usual prescribed rules, but which themselves are immune to influence.
Now, if even one node cannot be convinced of B, then no consensus can be reached -- but it doesn't really matter. If the fraction is really small, then you can more or less ignore them.
The interesting part about that paper is their threshold effect -- once p gets to be over 10%, not only does A eventually win, but it does so -quickly-.
The applications to politics still hold, but not on the big, obvious issues. Those issues, like taxes and abortion and health care and anything else that really makes the news, have committed believers on both sides -- they're outside the scope of study. Where this research becomes really interesting is in quieter, uncontroversial issues -- like regulation details, or climage change before Al Gore. There, this research suggests that the influence of sockpuppetry and lobbying is nonlinear -- beyond a critical point, the lobbyists completely win.
Of course, caveats about "the real world isn't an abstract graph" apply.
Have you reconsidered a computer career?