[79986] in North American Network Operators' Group
Re: Service providers that NAT their whole network?
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Apr 19 17:25:56 2005
Date: Tue, 19 Apr 2005 14:25:19 -0700
From: Owen DeLong <owen@delong.com>
To: Philip Matthews <matthews@nimcatnetworks.com>, nanog@merit.edu
In-Reply-To: <4265031C.5010500@nimcatnetworks.com>
Errors-To: owner-nanog@merit.edu
--==========AC4343CE1E7966B2424B==========
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
That makes very little sense to me since the smaller providers can get
a /22 directly from ARIN.
I, personaly, would never purchase service from a provider that insisted
on sticking me behind NAT.
SPRINT PCS does not NAT my cellphone. I receive a dynamic address at
connection time, but, it is a real address. What they do that annoys
me is they block UDP Port 53 to non-sprint nameservers, and, the phone
browser is hard-coded to a particular sprint HTTP Proxy server.
If the practice is becoming more common, that is very unfortunate.
Owen
--On Tuesday, April 19, 2005 9:09 AM -0400 Philip Matthews
<matthews@nimcatnetworks.com> wrote:
>
> Thanks to everyone who replied to my question about NAT usage
> in service providers (see original posting below).
> I got a lot of private replies, as well as those
> who posted to the list.
>
> To summarize:
> It seems that there are quite a few providers who do this.
> I was told of at least 24 providers in the U.S., as well as providers
> in Canada, in Central America, in Europe, and in Africa which which
> do this.
>
> It was suggested by a number of people that this was quite common
> on WiFi access and for data services on cell phones.
> I also heard about a number of cable access providers that do this,
> and its use on DSL access was mentioned a couple of times.
> (Many people didn't say what access types were affected, so I don't
> feel I can derive any meaningful statistics).
>
> A number of smaller providers told me that they do it because they
> simply cannot get enough routable IP addresses from their upstream
> providers.
>
> If I was to speculate, I would guess that the practice might be more
> common amongst newer providers, and with newer access methods on
> more established providers.
>
> - Philip
>
>
>
> Philip Matthews wrote:
>>
>> A number of IETF documents(*) state that there are some service providers
>> that place a NAT box in front of their entire network, so all their
>> customers get private addresses rather than public address.
>> It is often stated that these are primarily cable-based providers.
>>
>> I am trying to get a handle on how common this practice is.
>> No one that I have asked seems to know any provider that does this,
>> and a search of a few FAQs plus about an hour of Googling hasn't
>> turned up anything definite (but maybe I am using the wrong keywords
>> ...).
>>
>> Can anyone give me some names of providers that do this?
>>
>> Can anyone point me at any documents that indicate how common
>> this practice is?
>>
>> - Philip
>>
>> (*) Some IETF documents that mention this practice:
>> - RFC 3489
>> - draft-ietf-sipping-nat-scenarios-00.txt
>> (now expired, but available at
>>
>> http://www.ietf.org/proceedings/02jul/I-D/draft-ietf-sipping-nat-scenari
>> os-00.txt
>>
>>
>>
>
--
If it wasn't crypto-signed, it probably didn't come from me.
--==========AC4343CE1E7966B2424B==========
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)
iD8DBQFCZXdCn5zKWQ/iqj0RAvf7AKCMAIq/oY6m0kGUx8PdatNt9uZLjwCcDk5Q
V0zJeH+Tc9XBFop/7UIWjWM=
=u/un
-----END PGP SIGNATURE-----
--==========AC4343CE1E7966B2424B==========--
