CGN fixed/hashed nat question

• Previous message (by thread): CGN fixed/hashed nat question
• Next message (by thread): CGN fixed/hashed nat question
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 23/01/2013 02:57, Dobbins, Roland wrote:
> The overwhelming need for it is orthogonal to any schemes for hashing NAT source/dest ports.  

There are several conflicting requirements, including:

- requirement to run a business which makes money
- constraints on IPv4 addresses which mandate NAT
- law enforcement requirements, mandating either logging / port tracking
- network telemetry

law enforcement requirements aren't generally an issue until you get hit up
by a LEA / court order, at which point they become critical to ensuring
that your management doesn't end up displaying contempt of court.  For some
reason, management can get quite excited about this - more so than any
enthusiasm they might ever show for good quality network telemetry.

Nick

• Previous message (by thread): CGN fixed/hashed nat question
• Next message (by thread): CGN fixed/hashed nat question
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]