[159774] in North American Network Operators' Group
CGN fixed/hashed nat question
daemon@ATHENA.MIT.EDU (Eric Oosting)
Mon Jan 21 12:06:23 2013
Date: Mon, 21 Jan 2013 12:06:08 -0500
From: Eric Oosting <eric.oosting@gmail.com>
To: NANOG <nanog@nanog.org>

Let me start out by saying I'm allergic to CGN, but I got to ask the
question:

Some of the CGN providers are coming out with "fixed" NAT solutions for
their IPv6 transition/IPv4 preservation technologies to reduce logging.
This appears to provide for a static mapping of outside ports/IPs to a
particular customer such that the service provider doesn't need to log
literally every session through the box.

At the last NANOG, I seem to remember someone stepping up and discussing
the problems associated with just taking ports 1025 through 1025+X and
giving it to some customer and had brought up the idea of using a hash or
salt to map what would appear to be random ports to a customer in such a
way that you could reverse the port back to the customer later if need be.

For the life of me, I can't find anything on the internets about this
concept.

I had it in my head it was a lightning talk or something, but reviewing the
agenda doesn't ring any bells. Anyone know what I'm talking about and what
it's called?

-e
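
Added illustration, not part of the original message and not the scheme from the talk the poster is trying to recall: one way the hashed allocation described above could work, using a keyed permutation of the port space so that each customer's fixed block looks scattered yet any outside port maps back to its customer without per-session logs. The key, block size, port base and all function names are assumptions made for this example.

```python
import hashlib
import hmac

PORT_BASE = 1024                  # assumption: ports below 1024 are never handed out
PORT_SPACE = 65536 - PORT_BASE    # 64512 usable ports per outside IP
ROUNDS = 4

def _round_byte(key, rnd, half):
    """Keyed round function: one byte from HMAC-SHA256(key, round || half)."""
    return hmac.new(key, bytes([rnd, half]), hashlib.sha256).digest()[0]

def _feistel(key, value, order):
    """Balanced Feistel network over 16 bits; reversed round order inverts it."""
    left, right = value >> 8, value & 0xFF
    for rnd in order:
        left, right = right, left ^ _round_byte(key, rnd, right)
    return (right << 8) | left

def _permute(key, index, inverse=False):
    """Keyed permutation of 0..PORT_SPACE-1, cycle-walking past out-of-range values."""
    order = range(ROUNDS - 1, -1, -1) if inverse else range(ROUNDS)
    out = _feistel(key, index, order)
    while out >= PORT_SPACE:
        out = _feistel(key, out, order)
    return out

def ports_for(key, customer, block):
    """Outside ports statically assigned to customer slot `customer`."""
    if not 0 <= customer < PORT_SPACE // block:
        raise ValueError("customer slot out of range for this block size")
    start = customer * block
    return [PORT_BASE + _permute(key, start + j) for j in range(block)]

def customer_for(key, port, block):
    """Reverse lookup: which customer slot owns this outside port?"""
    if not PORT_BASE <= port <= 65535:
        raise ValueError("port outside the mapped range")
    slot = _permute(key, port - PORT_BASE, inverse=True) // block
    if slot >= PORT_SPACE // block:
        raise ValueError("port is in the unassigned remainder")
    return slot

if __name__ == "__main__":
    key = b"constructed-demo-key"        # constructed sample key, one per outside IP
    sample = ports_for(key, 7, 64)       # customer slot 7, 64 ports per customer
    print(sample[:8])                    # scattered ports, not a contiguous range
    print(customer_for(key, sample[3], 64))
```

With this construction the only state needed for attribution is the key, the block size and the customer-to-slot table, so the key has to be retained for as long as lookups against old traffic are expected.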