Qtel, the largest carrier in Qatar (and nearly the only Internet provider) appears to connect all their users (~600K) to the Internet through just one or a very few public IPv4 addresses. 126.96.36.199 was their single public address in 2006-2007. How can network address translation (NAT) put all those users through just one IP address?
Well, both UDP and TCP include 16-bit port numbers, so for each IP address there are 2**16 = 65,536 unique IP address/ TCP port number combinations which can support network address translation (NAT) for more than 65K simultaneous connections. Of course, individual browser sessions may open multiple connections so each on-line user can tie up several such connections, even several dozen.
But there are more unique fields that come into play. On the Internet side of the NAT, each active IP session has five fields of interest: source IP address, source port, protocol, destination address; destination port. So you can use the same source address and port number for multiple independent sessions if the sessions are going to different destinations or using different protocols. With this approach, one public IP address can clearly support millions and millions of connections.
But what if most of your users are trying to reach just a few destination addresses? That’s a problem Qtel had (or at least their users had) when accessing Wikipedia in 2006.
One obvious solution is to devote more than one public IP address for the whole country! Indeed, if a few hundred people are attempting to access the same address simultaneously, then having a few hundred IP addresses (for the whole country!) would do it. Of course, if the destination IP address is that of Google’s search bar, you might need more than a few hundred IP addresses.
There is another path, one which Geoff Huston alludes to in a recent article on the IPv6 transition.
… we may expect to see a push to re-architect content into Content Distribution Networks that have points of presence in major access networks.
Today, major content distribution networks (CDNs) like Akamai, Amazon Cloudfront, Limelight and Google each maintain thousands of servers close to the edges of the Internet. These servers cache popular content close to where the users are.
When many, many users in Qatar simultaneously try to access the same content, the load on Qtel’s NAT boxes could be dramatically reduced by putting the appropriate CDN’s caching servers within Qtel’s private address space. Then requests for popular content wouldn’t even go through the NAT, reducing total traffic and dramatically reducing the occasions when two users are going through the NAT to the same public IP address.
It’s not in line with the Internet’s original end-to-end design, but as IPv4 addresses get more expensive, we can expect to see more and more use of NAT and CDN servers moving into carriers' private address domains.