On 23/01/2013 02:57, Dobbins, Roland wrote:
The overwhelming need for it is orthogonal to any schemes for hashing NAT source/dest ports.
There are several conflicting requirements, including: - requirement to run a business which makes money - constraints on IPv4 addresses which mandate NAT - law enforcement requirements, mandating either logging / port tracking - network telemetry law enforcement requirements aren't generally an issue until you get hit up by a LEA / court order, at which point they become critical to ensuring that your management doesn't end up displaying contempt of court. For some reason, management can get quite excited about this - more so than any enthusiasm they might ever show for good quality network telemetry. Nick