[97593] in North American Network Operators' Group
Re: Security gain from NAT: Top 5
daemon@ATHENA.MIT.EDU (Jo Rhett)
Tue Jun 26 20:07:53 2007
In-Reply-To: <4F6DDD6C-7420-47B5-A06D-6773B89122F0@delong.com>
Cc: Roger Marquis <marquis@roble.com>,
North American Network Operators Group <nanog@merit.edu>
From: Jo Rhett <jrhett@svcolo.com>
Date: Tue, 26 Jun 2007 17:06:04 -0700
To: Owen DeLong <owen@delong.com>
Errors-To: owner-nanog@merit.edu
On Jun 6, 2007, at 9:43 PM, Owen DeLong wrote:
>> #1 NAT advantage: it protects consumers from vendor
>> lock-in.
>>
> Speaking of FUD... NAT does nothing here that is not also
> accomplished
> through the use of PI addressing
If you completely ignore the cost of routing table growth to give
every company their own PI, sure.
>> #2 NAT advantage: it protects consumers from add-on
>> fees for addresses space.
>>
> More FUD. The correct solution to this problem is to make it possible
> for end users to get reasonable addresses directly from RIRs for
> reasonable fees.
Reasonable is a hard word. We've had to turn away customers who
wanted to assign a /27 to each and every machine, without actual
justification for more than 3 IPs per machine. Sometimes people want
to do insane things that aren't technically reasonable, but it's what
they want to do. NAT gives them that option.
--
Jo Rhett
senior geek
Silicon Valley Colocation
Support Phone: 408-400-0550
