Carrier Grade NAT concepts: IP bans

I'd like to deploy a Wireless WAN using IPV6 for at least the wireless bits given that 6 offers higher through-put. I'm exploring the concept of CGN and what strikes me immediately is the liability.

Suppose you use a single IP address for 14 Apartments. Now suppose Ronnie in apt 1 plays a game with Jerry in apt 2. They connect to a public game server on different computers. Ronnie does something naughty and the admins outright ban his IP address as per normal. Despite doing nothing wrong, now Jerry can't play.

Given that even professional sites implement IP bans it's safe to say you can neither trust administrators to A) block accounts exclusively and B) respond to generic customer tickets (depending the website)

Is there actually a way to get around this or is that just a cost of using Carrier Grade NAT?

(I am wholly aware that IPV6 is becoming all the rage, but without some kind of tunneling users wouldn't have access to many websites. At that I would still need Public IPV4 addresses.)


That is indeed one of the problems with CGN. Sharing a resource means that all suffer the consequences when one abuses the resource.

A bank that I consulted for implemented IPv6 on the server side exactly for that reason: more and more users end up behind CGN, hopefully also with IPv6. When their security department has to block an IPv4 address of a CGN, the users with IPv6 will still be able to access their servers.

They even presented about their IPv6 experience: https://ripe74.ripe.net/archives/video/70/