[151386] in North American Network Operators' Group
Re: shared address space... a reality!
daemon@ATHENA.MIT.EDU (Christopher LILJENSTOLPE)
Sat Mar 17 13:43:41 2012
From: Christopher LILJENSTOLPE <cdl@asgaard.org>
In-Reply-To: <84D1C749-F0C0-41FE-9F87-F680D6046F66@iname.com>
Date: Sat, 17 Mar 2012 10:42:34 -0700
To: Dave Edelman <dedelman@iname.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Greetings Dave,
Having been one of the authors of this, and, at the time, =
unfortunately looking down the barrel of a CGN deployment (in AU). I =
can say, at least in our case, it had nothing to do with monitoring or =
intercept. In fact, CGN actually made that more difficult in some =
circumstances. And this was a carrier that definitely had that =
requirement.
Chris
On 17Mar2012, at 10.33, Dave Edelman wrote:
> Some major stakeholders are under legal or regulatory obligation to =
supervise and control. A small number of control points makes this less =
awful to effect.=20
>=20
> Dave Edelman
>=20
>=20
> On Mar 16, 2012, at 16:21, "cdel.firsthand.net" <cdel@firsthand.net> =
wrote:
>=20
>> NAT at the edge is one thing as it gives an easy to sell security =
proposition for the board. But CGN controlled by whoever sitting between =
their NATs does the opposite.=20
>>=20
>>=20
>>=20
>> Christian de Larrinaga
>>=20
>>=20
>> On 16 Mar 2012, at 19:35, William Herrin <bill@herrin.us> wrote:
>>=20
>>> On Fri, Mar 16, 2012 at 2:01 PM, Octavio Alvarez
>>> <alvarezp@alvarezp.ods.org> wrote:
>>>> On Tue, 13 Mar 2012 23:22:04 -0700, Christopher Morrow
>>>> <christopher.morrow@gmail.com> wrote:
>>>>> NetRange: 100.64.0.0 - 100.127.255.255
>>>>> CIDR: 100.64.0.0/10
>>>>> OriginAS:
>>>>> NetName: SHARED-ADDRESS-SPACE-RFCTBD-IANA-RESERVED
>>>>=20
>>>> Weren't we supposed to *solve* the end-to-end connectivity problem,
>>>> instead of just letting it live?
>>>=20
>>> "We" forgot to ask if all the stakeholders wanted it solved. Most
>>> self-styled "enterprise" operators don't: they want a major control
>>> point at the network border. Deliberately breaking end to end makes
>>> that control more certain. Which is why they deployed IPv4 NAT boxen
>>> long before address scarcity became an impactful issue.
>>>=20
>>> Regards,
>>> Bill Herrin
>>>=20
>>>=20
>>> --=20
>>> William D. Herrin ................ herrin@dirtside.com =
bill@herrin.us
>>> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
>>> Falls Church, VA 22042-3004
>>>=20
>>=20
>=20
-- =20
=E6=9D=8E=E6=9F=AF=E7=9D=BF
Check my PGP key here: https://www.asgaard.org/~cdl/cdl.asc
Current vCard here: https://www.asgaard.org/~cdl/cdl.vcf
Check my calendar availability: https://tungle.me/cdl
