Ascend Archive

Re: (ASCEND) Quake/QW and Pipeline 75 and NAT



[In the message entitled "Re: (ASCEND) Quake/QW and Pipeline 75 and NAT" on Nov  3,  9:34, "David P. Reed" writes:]
> PERFECTLY valid, and in many cases very good ideas.  It may be possible to
> make Quake's protocol NAT-compatible - and I suspect the market will do
> that, because enough ISPs have decided to offer NAT-crippled service to
> save a few bucks on subnet address space.  But there are other protocols
> (some yet to be invented) that make a lot of sense for their application,
> but for which forcing NAT compatibility may be difficult, impossible, or
> just plain suboptimal.
> 


Let me start this by saying I don't even know what Quake is (really!).

Anyone that claims that ISPs are doing NAT "to save a few bucks on subnet
address space" is very confused.  Addresses are just plain hard to come
by.  Kim, the InterNIC, and (soon) ARIN are controlling the growth of
the address space for the good of the net as a whole.  Cost does not
enter, even a little bit, into the equation.

In order to get address space today, you *have to be able to justify it*.
This means that:

1) You have to document the fact that you are using address space
   efficiently.  This includes things like proving that you are  
   using dynamic addresses for dialup, non-dedicated use.  As well,
   it means you have to SWIP address space to customers using larger
   than a /29, and in turn force *them* to document the use.

2) You have to demonstrate need.  This means that you have efficiently
   utilized 80% of your last allocation (and 100% of previous allocations)
   before the InterNIC (or ARIN) will allocate you more space.  You must
   show that you need more space by forecasting short-term and long-term
   growth.  Failure to meet your growth estimates *will* cause your
   future allocations to be delayed or denied.

You do not get address space by buying it.  Some people claim to have
purchased /16's from companies no longer using them - this is no longer
permitted, and when the registration is changed, justification will need to
be produced.  If you can't document it - it will be withdrawn.  You can,
however, 'buy' address space by purchasing (and continuing to run) a company
with a legacy address space.

NAT serves a legitimate need.  Many companies today have a large legacy
address space, but have firewalls that prevent this space from being
accessed by the Internet, due to security concerns.  This is one of the very
good reasons for RFC-1918 space to exist - if you can't get to it from the
Internet, it should not be a globally allocated space.  This does not
prevent users of that network from wanting to 'surf the web', thus the use
of proxy/caching servers, and NAT boxes.

An ISP that uses NAT to offer enhanced services is a good thing.  They are
making more efficient use of the address space available to them.  We used
to do things like this by putting lots of users on one box (like getting
people to log in to a UNIX system to read their mail).  With the advent of
TCP services on the workstation, the 'need' for address space has exploded.
In reality, the (very) limited use of workstation-based address space
does not (IMHO) justify its use.

And yes, I do make extensive use of RFC-1918 space on my networks, both
for test and production use.  I use many proxy servers, and firewalling.

-- 
Dave Rand
dlr@bungi.com
http://www.bungi.com