Some customers of Sky Broadband have noticed, via our forum (here), that the ISP has quietly deployed a modern type of Internet Protocol (IP) address sharing called MAP-T that seems to be a notable improvement on other sharing solutions, like the often maligned Carrier Grade Network Address Translation (CGNAT).
Let’s start with a little context. The reason why some ISPs adopt IP address sharing is to help balance against dwindling stocks of older IPv4 addresses (e.g. 123.45.76.200), which are hard (expensive) to expand now that spare address space has run dry. So, while a provider like Sky Broadband may have no shortage of newer IPv6 addresses, they still need to work with v4s in order to ensure that customers can enjoy full access to the internet.
However, one way of stretching the life out of v4s is by sharing each address between multiple users, which is not universally popular as it tends to raise security concerns (i.e. some services partly manage or block access at specific IP level) and may cause connectivity problems under certain circumstances (e.g. port forwarding can be “fun“).
Admittedly, the chances are fairly good that most people might not care about changes like this, particularly as for the bulk of online tasks they’re often seamless to end-users. But if you work in IT / Networking or understand the significance, then you’re probably much more interested in what this means and also more likely to be impacted.
The above is particularly true when it comes to methods like CGNAT, which has become about as popular with some users as Hannibal Lecter at a school meeting. But there are other approaches that can achieve a better outcome, although some caveats will always remain with any approach to IP sharing.
Sky’s MAP-T
The latest development is that users of Sky Broadband’s latest Wi-Fi 6 capable Sky Max Hub router have noticed that their IP address is being shared by MAP-T (Mapping of Address and Port using Translation). The router launched a year ago as part of a paid WiFi booster add-on (here), although Sky do now appear to be shipping it to customers alongside their top FTTP broadband packages by default too (based on customer feedback to ISPreview).
Unlike CGNAT, which is more of a stateful solution (i.e. it has to track the state of every single lease, session, IP address assignment and more), MAP-T is primarily stateless. Put another way, it can do what CGNAT does (sharing addresses), albeit without the costly overheads (CPU, database and memory requirements) because it doesn’t have to keep track of every single lease, session etc. This provides v4-v4 connectivity over a v6 domain (explained more below).
Sky Italia has already deployed MAP-T in a forceful way (see this document for the technical details) and now Sky UK are doing the same, albeit via a more opportunistic approach. Crucially this is friendlier to things like port forwarding than CGNAT and in fact Sky UK’s approach adopts a degree of automated opt-out, which dynamically moves customers to a 1:1 (unshared) IP profile to allow for port forwarding and DMZ etc. (this is a difficult thing to do, especially at scale, so hats off to Sky’s network team). So far as we can tell, Sky appears to have two MAP-T profiles, either an 8:1 or 1:1 IPv4 address sharing ratio.
As one of our readers (hants) said: “Interestingly, I can affect the sharing ratio by defining port-forwarding configuration (via MySky) — if you pick a large range of ports, your sharing ratio reduces (which makes sense). However, even when configuring a DMZ, I still end up on MAP-T albeit with a sharing ratio of 1:1 — even in that scenario, the IPv4 address isn’t really terminated on my router.”
Sky’s approach to MAP-T seems to be trading a bit of IPv4 usage efficiency for a better customer experience, which is fine by us. But as we understand it, Sky has not yet announced any plans to introduce MAP-T on to their older routers, which may be because their latest kit (only the Sky Hub Max / Hub 6) and MAP-T is built on top of RDK-Broadband. Future routers will be the same too, but this is difficult to put on their older routers.
However, just to be clear, customers don’t strictly need the Sky Hub Max in order to harness MAP-T. The network itself is not restricting MAP-T support, so if, for example, someone were to connect an OpenWRT router (and install the required map package with opkg install map) then they will also get MAP-T.
At present, Sky is still believed to be in the middle of deploying this change, although we understand this should complete by the end of June 2024. We have asked Sky for a comment and hope to have something soon. In addition, we recently learnt that both Sky Stream and Sky Glass TV will start using IPv6 very soon (until now they’ve been limited to v4).
Sky is the first of the major UK ISPs to do this. In fact, so far as we can tell, they’re among the first of all home broadband providers – at any scale – to do it, with many others still focused on CGNAT for IP address sharing. Granted, for some people even MAP-T will still have its caveats and for that you’ll probably seek a Static IP (Sky don’t sell this to homes), but MAP-T is a nice improvement and Sky’s approach seems innovative.