[arin-ppml] Why not NAT for Dorms (Was: Suggestion: charging for IPv4 space)
Jimmy Hess
mysidia at gmail.com
Wed Oct 22 03:18:35 EDT 2008
David Farmer wrote:
(1) Technical definition you are going by is not what is now commonly
meant. The term "PAT" is a word
used by one equipment vendor for their name of a feature, and there are
several other names like "NAPT"
people tried to use. None of them caught on, and it's still most
commonly called "NAT".
"NAT" is referenced in the context of shared ips; it is implicit
that "masquerading/hiding NAT" is the type of NAT meant.
Many addresses are translated to one address.
> 6. Why should Comcast users expect a real IP address from Comcast? It is
> really the same questions.
>
They have no expectation of it, except when Comcast tells them they
get a real IP address.
ISP's have delivered service in various ways over the years. Most do
use a unique ip for each user connection.
The IP is often not "unique" to a user in that the ISP may change it
from time to time, or have
the user connecting with a new ip tomorrow.
On the other hand: I don't see any reason college dorms should force all
users to share one IP.
Keep in mind: a unique ip address is critical when abusive activity
such as spam is occuring.
If the IP is dynamically assigned or "shared"; it may not be
clear what host is responsible for
the abuse.
Since the IP is shared -- the ISP (college) would have to catch them
in the act, or have traffic
logs available.
In either case, it is likely to take much longer before the 'bad' hosts
can be identified.
They are being better citizens by _not_ having multiple PCs share
one IP in such an environment
prone to being used for abuse.
Computers in college dorms are owned by the students, and not managed by
professionals.
Students may have a lapse in judgement. It is _VERY_ likely there
will be many cases where
incidents of abuse occurs, and a unique IP address is useful for
properly finding the source.
Private IPs (with one shared external) are inappropriate for a network
like this, unless it is
very tightly policed.
Abusive hosts are far less likely to exist on networks where hosts are
managed and properly policed.
Universities can't monitor or have nearly that level of control of
what software is on students' computers.
And draconian firewalling of outbound traffic is right-out, as it
inevitably eventually interferes
with the entire purpose of having such networks...
--
-J
More information about the ARIN-PPML
mailing list