Big Temporary Networks

Måns Nilsson mansaxel at besserwisser.org
Fri Sep 14 12:46:07 UTC 2012


Subject: Re: Big Temporary Networks
Date: Fri, Sep 14, 2012 at 09:22:01PM +0900
Quoting Masataka Ohta (mohta at necom830.hpcl.titech.ac.jp):
> Måns Nilsson wrote:
> 
> >And get v6.
> >
> >Do not NAT. When all those people want to do social networking to the same
> >furry BBS while also frequenting three social app sites simultaneously
> >you are going to get Issues if you NAT. So don't.
> 
> Don't?
> 
> Considering that, ten years ago, some computers were still often
> shared by thousands of people distinguished by their port numbers
> and that, today, pseudo ISPs are using NAT, it is not only wrong
> but also impossible to identify a user only by his IP address
> without port numbers.

Ohta-san, 

I am not suggesting that. I'm just trying to point out that there
might be a bunch of assumptions that aren't as true anymore when a
lot of client connections share both source and destination address,
and perhaps also destination port. If this happens simultaneously when
a large amount of other tcp connections are NATed through the same box,
resource starvation will occur. If public address space is available,
it is better to use that. Also, no NAT means there will be no session
timers for things like long lived low bandwidth tcp sessions.

-- 
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE                             +46 705 989668
I think my career is ruined!
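
The two effects described in the message above (port-pool starvation when many clients behind one NAT address reach the same destination address and port, and idle timers cutting long-lived quiet TCP sessions), modelled as an added example that is not part of the original post. The `Napt` class, its port pool of 1024-65535, the 300-second idle timer and the 203.0.113.10 address are assumptions chosen for illustration; real NAT devices differ in pool size, timers and port-reuse policy.

```python
from collections import defaultdict

class Napt:
    """Toy port-translating NAT with one public IPv4 address (constructed model)."""
    def __init__(self, ports=range(1024, 65536), idle_timeout=300.0):
        self.ports = ports                # assumed pool of translated source ports
        self.idle_timeout = idle_timeout  # assumed idle timer, in seconds
        self.sessions = {}                # (dst, public_port) -> [client, last_seen]
        # Best case: a public port may be reused toward a different destination.
        self.free = defaultdict(lambda: list(self.ports))

    def connect(self, client, dst, now):
        """Map client -> dst; return the public port, or None if the pool is empty."""
        if not self.free[dst]:
            return None
        port = self.free[dst].pop()
        self.sessions[(dst, port)] = [client, now]
        return port

    def expire(self, now):
        """Timer sweep: drop idle mappings and return their ports to the pool."""
        dead = [k for k, (_, seen) in self.sessions.items() if now - seen > self.idle_timeout]
        for dst, port in dead:
            del self.sessions[(dst, port)]
            self.free[dst].append(port)
        return len(dead)

    def forward(self, dst, port, now):
        """Pass a packet on an existing mapping; False once the mapping is gone."""
        entry = self.sessions.get((dst, port))
        if entry is not None:
            entry[1] = now
        return entry is not None

def exhaustion_demo(clients=65000):
    """Every client opens one TCP session to the same server address and port."""
    nat, dst = Napt(), ("203.0.113.10", 443)  # constructed documentation address
    got = [nat.connect((f"10.{i >> 16}.{(i >> 8) & 255}.{i & 255}", 40000), dst, 0.0)
           for i in range(clients)]
    other = nat.connect(("10.0.0.1", 40001), ("203.0.113.10", 80), 0.0)
    return len(got) - got.count(None), got.count(None), other is not None

def idle_demo():
    """A long-lived, low-bandwidth session that is quiet for ten minutes."""
    nat, dst = Napt(), ("203.0.113.10", 22)
    port = nat.connect(("10.0.0.5", 50000), dst, now=0.0)
    alive = nat.forward(dst, port, now=60.0)
    nat.expire(now=660.0)
    return alive, nat.forward(dst, port, now=660.0)
```

`exhaustion_demo()` returns the mapped count, the refused count, and whether a session to a different destination port still succeeds; `idle_demo()` returns whether the session passed traffic before and after the quiet period.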