[AusNOG] Metadata retention... it's now (almost) a thing
Shain Singh
shain.singh at gmail.com
Thu Oct 30 23:41:28 EST 2014
On 30 October 2014 18:21, Paul Brooks <pbrooks-ausnog at layer10.com.au> wrote:
> On 30/10/2014 6:00 PM, Skeeve Stevens wrote:
> > And CGN... double and triple NAT.
> >
> > Internet sees 1.1.1.1 - which is potentially hundreds of people... which
> is
> > 100.64.0.1 - which is potentially many other people as well.
>
> Sure - but all that means is that you as the operator of the CGNAT box and
> NAT
> gateways have a crapload of logging to keep for 2 years to make life
> difficult for
> yourself. Tracking the translations back to your customer session or port
> (and they
> may have their own translations, but that's their problem) is feasible by
> searching
> the logs.
>
>
>
Various forms of deterministic NAT solutions are around with vendors to
cater for these types of situations.
http://tools.ietf.org/html/draft-donley-behave-deterministic-cgn-00
--
Shaineel Singh
e: shain.singh at gmail.com
p: +61 422 921 951
w: http://buffet.shainsingh.com
--
"Too many have dispensed with generosity to practice charity" - Albert Camus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20141030/185d8026/attachment.html>
More information about the AusNOG
mailing list