[128057] in North American Network Operators' Group
Re: IPv4 Exhaustion...
daemon@ATHENA.MIT.EDU (Leo Vegoda)
Fri Jul 23 17:29:35 2010
From: Leo Vegoda <leo.vegoda@icann.org>
To: Ricky Beam <jfbeam@gmail.com>
Date: Fri, 23 Jul 2010 14:29:00 -0700
In-Reply-To: <op.vgbc00vftfhldh@rbeam.xactional.com>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 23 Jul 2010, at 1:40, Ricky Beam wrote:
[...]
>> Do the complaints you receive include port numbers?
>=20
> I've never seen one that did. I've not even seen one with an exact =20
> timestamp.
>=20
> You would require the src and dst ip *and* port, plus the near exact =20
> timestamp of when the connection was opened and closed. Even then, that'=
s =20
> one needle in a huge pile of identical needles. The netflow/sflow/etc. =
=20
> data needed to support such a lookup for a modern ISP network would be =20
> absolutely insane. (a decade ago for a small, regional ISP/telco, just =20
> prefix records were over 700MB per day -- back in the days of 2mb DSL, =20
> before bittorrent...)
Richard Clayton wrote some interesting articles on this earlier this year. =
There's a UK flavour to them but I expect the concepts are transferable.=20
http://www.lightbluetouchpaper.org/2010/01/12/extending-the-requirements-fo=
r-traceability/
http://www.lightbluetouchpaper.org/2010/01/13/practical-mobile-internet-acc=
ess-traceability/
http://www.lightbluetouchpaper.org/2010/01/14/mobile-internet-access-data-r=
etention-not/
Regards,
Leo
