ARIN?

Thu Nov 12 14:47:12 UTC 1998

Although I am almost NEVER one to recommend a Microsoft product BUT MS
Proxy server is actually a very nice product. You can assign a /29 or /30
(I usually give them a /29 since I assign /29's to home dsl connections and
I have the network already subnetted).  On the other side of the proxy you
can use private IP's and it will do the translation automaticly or you can
use IPX/SPX and it will automaticly function as a IPX to IP gateway.  I
don't think there is a proxy client for Unix (any flavor of unix) but they
do have W95/98, W31 and mac.

My only concerns would be how it would scale to large networks.  It has the
ability to function as a daisy-chained proxy server farm where each one
shares the load but I don't have any experience with this setup.

It also has access control (user a can only browse these web sites, user B
can only telnet and ftp, no web...) and very detailed logging of users
traffic.  Both of these features I find sort of "unethical" (wrong word but
you know what I mean) but in a corporate enviroment they require them.

-Mike

At 03:35 PM 11/10/98 -0500, you wrote:
>Thus spake Owen DeLong
>>I think this misses the point.  ARIN doesn't require or want you to SWIP
>>your /30 and /32 allocations.  A network that small just doesn't require
>>that level of public contact visibility.  
>
>I think you missed his point though....with NAT/PAT technology.../30 and
>/32's from ISP's can indeed provide a whole corporate network with
>access (small corporate...not exactly Fortune 500 here, but you get the
>idea)...I second his point on this.  We've got quite a few customers
>that are feeding whole networks with /32's...even providing web servers
>and mail servers via these NAT/PAT boxes that are available now.  Just
>stating that the network only has one or two Internet available IP
>addresses and therefore its too small to be of significance is
>short-sighted at best.  Many of these /32's for us have their own web
>administration, mail administration, and other local administration of
>many of their services.  They use a single IP as almost an inherent
>firewall.  Indeed, I have one customer that uses one of the NAT/PAT
>boxes to actually not have IP on their internal network at *ALL*.  The
>box converts the TCP/IP to IPX/SPX...bizarre, but it works well for
>them.  Anyway, they run their own mail server on this setup, and we do
>very little administrative functioning for them...DNS is it in this
>case.
>
>>As you've pointed out, you'll
>>be doing most of the things that matter (from a contact perspective)
>>for those customers.  As such, it makes sense to use your larger block
>>contact information instead of SWIPing such small networks.  In fact,
>>I'd rather see ARIN move the SWIP requirement back to /26 or so.
>
>Put my vote in for allowing up to /32's.
>-- 
>Jeff McAdams                            Email: jeffm at iglou.com
>Head Network Administrator              Voice: (502) 966-3848
>IgLou Internet Services                        (800) 436-4456
>
>
-------------------------------------------------------------
Mike Pistone                            pistone at eurekanet.com
Systems/Network Administrator                 ph 614.593-5052
Eureka Networks, Ltd.                         fx 614.594-3632