We hit half-million: The Cidr Report

Mark Foster blakjak at blakjak.net
Fri May 2 00:06:36 UTC 2014

On Fri, May 2, 2014 11:57 am, Fred Baker (fred) wrote:
> On May 1, 2014, at 4:10 PM, Jean-Francois Mezei
> <jfmezei_nanog at vaxination.ca> wrote:
>> Pardon my ignorance here. But in a carrier-grade NAT implementation that
>> serves say 5000 users, when happens when someone from the outside tries
>> to connect to port 80 of the shared routable IP ?
> More to the point, your trust boundary includes 5000 people. Do you know
> them all? Who maintains their systems and software? Do you trust them?
> What happens if they approach you from behind the NAT?

Strikes me as a red herring; CGNat is not shifting your security boundary,
wheras the typical NAT device used on a shared IPv4 connection usually

More information about the NANOG mailing list