CGN fixed/hashed nat question
nick at foobar.org
Wed Jan 23 12:38:22 UTC 2013
On 23/01/2013 02:57, Dobbins, Roland wrote:
> The overwhelming need for it is orthogonal to any schemes for hashing NAT source/dest ports.
There are several conflicting requirements, including:
- requirement to run a business which makes money
- constraints on IPv4 addresses which mandate NAT
- law enforcement requirements, mandating either logging / port tracking
- network telemetry
law enforcement requirements aren't generally an issue until you get hit up
by a LEA / court order, at which point they become critical to ensuring
that your management doesn't end up displaying contempt of court. For some
reason, management can get quite excited about this - more so than any
enthusiasm they might ever show for good quality network telemetry.
More information about the NANOG