[arin-ppml] Why are ISPs allowed?

[Kevin Kargel]

> On Jan 2, 2009, at 3:24 PM, Artur (eBoundHost) wrote:
> 
> > My apologies if I'm asking a question that has been answered a million
> > times, I have not been able to find an answer.
> >
> > Is there a reason why ISP's such as Comcast/ATT, allowed to hand out
> > unique IP addresses, even not static ones, to end users? Why are they
> > not required to use NAT?
> >
> > If ISPs were to switch to local address space, how many IP blocks
> > would
> > be released back into the wild?
> >
> > --
> >
> > Best Regards,
> >
> >
> > Artur
> > eBoundHost
> > http://www.eboundhost.com

Artur,
Long ago when this ISP was in it's infancy we experimented with using NAT
for dialup users.  There were so many things that NAT broke and so many
immediate and loud complaints that we abandoned that experiment in short
order.  

Our users found that many online games were broken, P2P features of IM's
were broken, remote desktop apps were broken, among many other things.  

Remember that NAT for an ISP would be one to thousands, which is much
different from the one to few type of NAT that you see in your home router.
On your home router it is not too difficult to set up PAT rules to allow
remote desktop to a specific workstation for example, but it would be a
nightmare on an ISP enterprise level.  

Another not trivial thing that gets much more difficult in a
one-to-thousands NAT would be accountability.  Tracking down a malicious
user from forensic data in outside log files would get very expensive.

It is a good idea but not one which is practical to execute.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3224 bytes
Desc: not available
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20090102/fc26b6f7/attachment.bin>