ietf

Re: NATs *ARE* evil!

2000-12-14 15:20:02


On Thu, 14 Dec 2000, Tony Dal Santo wrote:


Dennis Glatting wrote:

On Thu, 14 Dec 2000, Sean Doran wrote:

So, why are people deploying them?

Just to name two...

1) With NAT I ask for much smaller address spaces. Consequently, I don't
have to disclose my network details, deployment is less likely to be
delayed, and both my non-recurring and recurring cost is lower.

2) I don't have to renumber my entire enterprise should I change service
providers, rather only the Internet interface devices.

What exactly is the state of the IPv4 "address pool"?  I realize there is
a PERCEIVED shortage, and this is usually the main motivation for NAT.
But is there a real shortage?  Are "reasonable" requests for addresses
being denied?

As for the renumbering hassle, if you have a small installation,
renumbering shouldn't be all that difficult (especially when using
DHCP).  For large installations, doesn't the organization own the
address pool, and take it with them when they change ISPs?  I know
this used to be the case.


Ever renumbered an enterprise? DHCP is the cheap and easy part, and
sometimes not so. Reconfiguring fielded laptops is much harder (such as
domain entries and VPN), as is making any configuration changes to
servers, such as 24x7 ERP systems.

The last time I renumbered an enterprise it was an enterprise of about
1000 nodes spread across seven states. It took a quarter to get the cheap
and easy stuff done, which included travel to the smaller sites that had no
IT staff. It took another quarter to get the harder stuff (active servers,
take out hacks, etc.). And it took another quarter to clean up all of the
stragglers (people who hard-coded /etc/hosts, started old applications,
turned on old machines, etc.).

You can't get address pool space from ARIN for anything less than a /20,
last I looked.


If it isn't an address issue, is it a routing issue?  Is it that the
routing tables/protocols/hardware can't handle the large number of
routes? Are ISPs refusing to carry reasonable routes?  Seems to me if
the entire address space was broken up into subnets of 4096, there
would be about 1 million routes.  What is the current size?  I think I
remember seeing numbers on the order of 50,000.


Current size as of a few months ago was 85k routes.


If there is a real shortage or routing problem, I understand the
motivation to use NAT.  There really wouldn't be a reasonable
alternative.  But I have yet to hear anyone claim that a reasonable
request has been denied.  Based on that, I tend to think most NAT
installations are motivated by other (and in my opinion less valid)
issues such as "security".

Tony Dal Santo
