[arin-ppml] Why not NAT for Dorms (Was: Suggestion: charging for IPv4 space)

Jimmy Hess mysidia at gmail.com
Wed Oct 22 03:18:35 EDT 2008


David Farmer wrote:

(1)  Technical definition you are going by is not what is now commonly 
meant. The term "PAT" is a word
used by one equipment vendor for their name of a feature,  and there are 
several other names like "NAPT"
people tried to use.    None of them caught on, and it's still most 
commonly called "NAT".

"NAT"  is  referenced  in the context of shared ips; it is implicit 
that  "masquerading/hiding NAT"  is the type of NAT meant.
Many addresses are translated to one address.
> 6. Why should Comcast users expect a real IP address from Comcast?  It is 
> really the same questions.
>   
They have no expectation of it,  except when Comcast  tells them they 
get a real IP address.
ISP's have delivered service in various ways over the years.    Most do 
use a unique ip for each user connection.

The IP is often not "unique"  to a user in that   the ISP may change it 
from time to time, or have
the user connecting with a new ip tomorrow.




On the other hand: I don't see any reason college dorms should force all 
users to share one IP.


Keep in mind:  a unique ip address is critical  when abusive activity 
such as spam is occuring.
If the IP is  dynamically  assigned or "shared";   it   may not be 
clear  what host is responsible for
the abuse.

Since the IP is shared --  the ISP  (college)  would have to catch them 
in the act, or have traffic
logs available.

In either case, it is likely to take much longer before the 'bad'  hosts 
can be identified.


They are being better citizens by  _not_    having multiple  PCs  share 
one IP in such an environment
prone to being used for abuse.


Computers in college dorms are owned by the students, and not managed by 
professionals.
Students may have a lapse in judgement.   It is _VERY_  likely there 
will be many cases where
incidents of abuse occurs,  and  a unique IP address is useful for 
properly finding the source.

Private IPs  (with one shared external)  are inappropriate for a network 
like this, unless it is
very tightly policed.

Abusive hosts are far less likely to exist on networks where hosts are 
managed  and properly policed.
Universities  can't monitor  or have nearly that level of control of 
what software is on students'  computers.


And  draconian firewalling  of outbound traffic is   right-out,    as it 
inevitably eventually interferes
with the entire purpose of having such networks...

--
-J



More information about the ARIN-PPML mailing list