[47203] in North American Network Operators' Group
Large ISPs doing NAT?
daemon@ATHENA.MIT.EDU (Beckmeyer)
Mon Apr 29 11:44:30 2002
Date: Mon, 29 Apr 2002 08:43:11 -0700
From: Beckmeyer <beck@pacbell.net>
To: nanog@merit.edu
Message-id: <3CCD6A0F.3050406@pacbell.net>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7BIT
Errors-To: owner-nanog-outgoing@merit.edu
Is anybody here doing NAT for their customers?
I'm looking at a situation where I may have to provide NAPT for tens of
thousands of users and am curious as to what hardware is being used, how
well it scales, what kind of loads it takes such as:
throughput,
max simultaneous sessions experienced,
session establishment rates,
avg # of sessions per user,
ALGs you've found necessary,
number of sessions supported per public realm IP in reality.
I've done a survey of firewall, switch, and router companies so I have
their reported numbers and I've done a bit of testing in my lab and have
found that reported numbers do not necessarily translate into what the
box will experience in something resembling a production network. This
is why I'm asking this group - reality can bite!
A second area of concern I have is how to enforce AUPs when your users
"appearance" can be *very* transitive making tracking back the offender
nearly impossible.
Any small piece of help, advice, or pointer would be most appreciated.
Thanks most much.
John Beckmeyer
beck@pacbell.net
