ietf

RE: draft-ietf-nat-protocol-complications-02.txt

2000-04-23 18:40:03
Bernard Aboba writes:
Rather than demonizing ISPs, it's more worthwhile to take
some time to stand in their shoes. Back in the mid '90s,
we faced these same issues in provisioning of small office/home
offices. It was generally much easier (and less expensive from
an administrative point of view) to roll out dialup infrastructure
on a mass scale allocating a single (dynamic address) than it
was to allocate and keep track of address space, with attendant
routing issues.

While I fully agree that demonizing ISPs is not useful, routing issues
for user subnets ceased being a problem quite some time ago - since
OSPF became generally available in NAS boxes.

I have four service areas in which my dialup users have a choice of
access numbers that are answered in different POPs.  Users with a
routed subnet can disconnect from one number and immediately reconnect
via a number answered in a different town, and OSPF will route their
network to them.  TCP sessions remain intact, seeing only a pause.

Routing issues are not the reason for NAT deployment.  On my network
NAT exists because users prefer it.  We give any user, even analog
dialup users, a /29 free for the asking.  They are hard to give away.
Every user running NAT has chosen to do so rather than accept a free
subnet.

Currently, 0.8% of our dialup (including ISDN) users have taken us up
on our free subnet offer.  (I think I told someone 0.08% in private
mail a day or two ago - sorry about that.)  We even have a T1 client
that chose to take one IP address and run NAT.  Most users are not
networking geeks.  They like NAT because NAT boxes make what they want
to do so easy.

Note that giving away /29s to dialup users puts us in a tenuous
position with respect to the address use guidelines for ISPs in
RFC2050 - a BCP, under which assigning even a single /32 to a dialup
user is "strongly discouraged".  It also says "ISPs should have
documented justification available for each assignment."

Basically an ISP can A) violate RFC2050 by giving subnets without
documented justification, B) document willingness to pay extra for a
subnet as evidence of justification, or C) pry into users' business
asking what they want a subnet for.

We used to give free /27s to any user who asked.  However, when ARIN
put ISP address use under a microscope and RFC2050 gave the
guidelines, we did some checking of use and found that no dialup user
assigned a subnet had more than 4 addresses in use, so we reduced the
free subnet size (except for grandfathered users).

--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com 
Gatekeeper, NetHeaven, Saratoga Springs, NY
Saratoga/Albany/Amsterdam/BoltonLanding/Cobleskill/Greenwich/
GlensFalls/LakePlacid/NorthCreek/Plattsburgh/...
    Oldest Internet service based in the Adirondack-Albany region