[162240] in North American Network Operators' Group
Re: Verizon DSL moving to CGN
daemon@ATHENA.MIT.EDU (Rob Seastrom)
Sun Apr 7 08:39:30 2013
To: Jimmy Hess <mysidia@gmail.com>
From: Rob Seastrom <rs@seastrom.com>
Date: Sun, 07 Apr 2013 08:39:16 -0400
In-Reply-To: <CAAAwwbV733O1yMgYjtNCVg+_n7jZqMEgJLW7ekzrGZDEiZTU9A@mail.gmail.com> (Jimmy
Hess's message of "Sat, 6 Apr 2013 23:37:09 -0500")
Cc: nanog@nanog.org
Jimmy Hess <mysidia@gmail.com> writes:
> On 4/6/13, Matthew Kaufman <matthew@matthew.at> wrote:
>> On 4/6/2013 6:24 PM, cb.list6 wrote:
>>
>> I'd love to see a CGN box that is cheaper than IPv4 addresses currently
>> are on the transfer market.
>
> You mean like a few linux servers running iptables nat-masquerade?
>
> You think the "Carrier Grade" in "Carrier Grade NAT" isn't just a
> rhetorically constructed distraction, from the fact that simple NAT
> may be implemented, and yeah, end users are certain to experience
> annoyances, either way...

Forget about the "annoying users" part; the "carrier-grade" part of
CGN is all about not annoying the service provider. As far as I'm
aware, iptables does not include deterministic port translation based
on source address, nor easy-to-configure hooks for CALEA [*]. It may
well turn out that once one factors in support, your costs are higher
with large scale NAT-on-Linux than if you'd sucked it up and coughed
up a quarter mil for an appliance.

-r

[*] I'd love to hear that I'm wrong on this count, but a how-to
document that explains how one can lovingly handcraft such a thing as
opposed to a special refactored distro that's ready to plug-and-chug
appliance style will only serve to reinforce my assertion.
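
What "deterministic port translation based on source address" refers to, shown as an added Python example that is not part of the original message and is not iptables code: each subscriber address maps by arithmetic to a fixed public address and port block, so a public address and source port taken from a remote log resolve to one subscriber without per-flow NAT logs. The address ranges, block size and function names are constructed assumptions.

```python
import ipaddress

# Constructed parameters (assumptions, not from the original message).
INSIDE = ipaddress.ip_network("100.64.0.0/22")   # subscriber side, RFC 6598 space
OUTSIDE = ipaddress.ip_network("192.0.2.0/28")   # public pool, documentation range
FIRST_PORT = 1024                                # well-known ports are never handed out
BLOCK = 1008                                     # ports reserved per subscriber
BLOCKS_PER_IP = (65536 - FIRST_PORT) // BLOCK    # 64 subscribers share one public address


def forward(subscriber):
    """Subscriber address -> (public address, first port, last port).

    Every address in INSIDE is treated as a subscriber for simplicity.
    """
    addr = ipaddress.ip_address(subscriber)
    if addr not in INSIDE:
        raise ValueError(f"{addr} is not in {INSIDE}")
    index = int(addr) - int(INSIDE.network_address)
    ip_index, block_index = divmod(index, BLOCKS_PER_IP)
    if ip_index >= OUTSIDE.num_addresses:
        raise ValueError("public pool too small for this subscriber")
    first = FIRST_PORT + block_index * BLOCK
    return OUTSIDE[ip_index], first, first + BLOCK - 1


def reverse(public, port):
    """(public address, source port) from a remote log -> subscriber address."""
    addr = ipaddress.ip_address(public)
    if addr not in OUTSIDE:
        raise ValueError(f"{addr} is not in {OUTSIDE}")
    block_index = (port - FIRST_PORT) // BLOCK
    if port < FIRST_PORT or block_index >= BLOCKS_PER_IP:
        raise ValueError(f"port {port} is outside every subscriber block")
    index = (int(addr) - int(OUTSIDE.network_address)) * BLOCKS_PER_IP + block_index
    if index >= INSIDE.num_addresses:
        raise ValueError("no subscriber is assigned this block")
    return INSIDE[index]
```

The mapping is stateless, so the same two functions serve both the translator's configuration and later abuse or lawful-intercept lookups, provided the parameters in force at the time of the event are retained.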