[156307] in North American Network Operators' Group
Re: Big Temporary Networks
daemon@ATHENA.MIT.EDU (=?utf-8?B?TcOlbnM=?= Nilsson)
Fri Sep 14 08:46:47 2012
Date: Fri, 14 Sep 2012 14:46:07 +0200
From: =?utf-8?B?TcOlbnM=?= Nilsson <mansaxel@besserwisser.org>
To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
In-Reply-To: <50532169.7070909@necom830.hpcl.titech.ac.jp>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--7mIJwGTFTwAlEXlA
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Subject: Re: Big Temporary Networks Date: Fri, Sep 14, 2012 at 09:22:01PM +=
0900 Quoting Masataka Ohta (mohta@necom830.hpcl.titech.ac.jp):
> M=C3=A5ns Nilsson wrote:
>=20
> >And get v6.
> >
> >Do not NAT. When all those people want to do social networking to the sa=
me
> >furry BBS while also frequenting three social app sites simultaneously
> >you are going to get Issues if you NAT. So don't.
>=20
> Don't?
>=20
> Considering that, ten years ago, some computers were still often
> shared by thousands of people distinguished by their port numbers
> and that, today, pseudo ISPs are using NAT, it is not only wrong
> but also impossible to identify a user only by his IP address
> without port numbers.
Ohta-san,=20
I am not suggesting that. I'm just trying to point out that there
might be a bunch of assumptions that aren't as true anymore when a
lot of client connections share both source and destination address,
and perhaps also destination port. If this happens simultaneously when
a large amount of other tcp connections are NATed through the same box,
resource starvation will occur. If public address space is available,
it is better to use that. Also, no NAT means there will be no session
timers for things like long lived low bandwidth tcp sessions.
--=20
M=C3=A5ns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE +46 705 989668
I think my career is ruined!
--7mIJwGTFTwAlEXlA
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlBTJw8ACgkQ02/pMZDM1cUJ6QCffmmKMzTu6iewrYKqP1zN8dY6
84wAnRrLwSbdrMtiGYFnOidxojEHBG36
=OBRJ
-----END PGP SIGNATURE-----
--7mIJwGTFTwAlEXlA--
