[AusNOG] Metadata retention... it's now (almost) a thing

Paul Brooks pbrooks-ausnog at layer10.com.au
Thu Oct 30 18:21:19 EST 2014


On 30/10/2014 6:00 PM, Skeeve Stevens wrote:
> And CGN... double and triple NAT.
>
> Internet sees 1.1.1.1 - which is potentially hundreds of people... which is
> 100.64.0.1 - which is potentially many other people as well.

Sure - but all that means is that you as the operator of the CGNAT box and NAT
gateways have a crapload of logging to keep for 2 years to make life difficult for
yourself. Tracking the translations back to your customer session or port (and they
may have their own translations, but that's their problem) is feasible by searching
the logs.

It's a great argument to raise against S.313 blocking of an IP address (massive
innocent collateral damage, ref the ASIC fiasco recently), but it's not much of an
argument against retention of log files.

P.
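
An added illustration of the log search discussed in this message (not code from either poster): mapping a public address seen on the Internet back to a subscriber using retained CGNAT records. The record format, the port-block allocation scheme and the subscriber names are assumptions constructed for the example; only the addresses 1.1.1.1 and 100.64.0.1 come from the thread.

```python
from datetime import datetime, timezone

# Constructed sample records from a hypothetical CGNAT gateway that logs one
# line per port-block allocation rather than one line per session.
# Fields: start, end, subscriber, inside IP, public IP, first port, last port
SAMPLE_LOG = """\
2014-10-30T07:00:00Z,2014-10-30T07:30:00Z,cust-1001,100.64.0.1,1.1.1.1,1024,2047
2014-10-30T07:00:00Z,2014-10-30T08:00:00Z,cust-1002,100.64.0.2,1.1.1.1,2048,3071
2014-10-30T07:30:00Z,2014-10-30T09:00:00Z,cust-1003,100.64.0.3,1.1.1.1,1024,2047
2014-10-30T07:10:00Z,2014-10-30T07:50:00Z,cust-1004,100.64.0.4,1.1.1.2,1024,2047
"""

def parse_ts(text):
    """Parse a UTC timestamp in the constructed log format."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def parse(log_text):
    """Turn the log text into a list of allocation records."""
    records = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        start, end, sub, inside, public, lo, hi = line.split(",")
        records.append({
            "start": parse_ts(start), "end": parse_ts(end),
            "subscriber": sub, "inside_ip": inside, "public_ip": public,
            "lo": int(lo), "hi": int(hi),
        })
    return records

def lookup(records, public_ip, when, port=None):
    """Subscribers holding public_ip at time `when`, narrowed by source port if given."""
    hits = set()
    for r in records:
        if r["public_ip"] != public_ip:
            continue
        if not (r["start"] <= when < r["end"]):   # allocation end is exclusive
            continue
        if port is not None and not (r["lo"] <= port <= r["hi"]):
            continue
        hits.add(r["subscriber"])
    return sorted(hits)

if __name__ == "__main__":
    recs = parse(SAMPLE_LOG)
    t = parse_ts("2014-10-30T07:15:00Z")
    print("IP + time only:  ", lookup(recs, "1.1.1.1", t))
    print("IP + time + port:", lookup(recs, "1.1.1.1", t, port=1500))
```

The address and time alone match several subscribers; adding the source port narrows it to one, and the same port maps to a different subscriber once the block is reallocated, so the request being traced needs an accurate timestamp and source port.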


