Right, but since each border router off of the public Internet can't advertise anything smaller than /24 (would *your* router accept an advertisement for 3.0.0.0/27?), each seperate office needs at least a /24. Yeah, NAT can take care of the internal addressing, but you're still stuck with the fact that you "only" can have 256 seperate border routers.
Well, figure that there is going to be some level of proxy service going on for those who do access web pages and whatnot so its unlikely that there would be less than a class C used at each location in actuallity. Plus figure that the only thing that needs to be visible is the /30 allocated from the upstream for the link, technically, there doesn't need to be *any* public addresses in an office. Not to discount valid use of addresses, simply pointing out that if one wanted to restrict themselves, its quite possible. I doubt anyone would want to put themselves through this in the real game, but... ---------------------------------------------------------------------- Wayne Bouchard GlobalCenter web@primenet.com Primenet Network Operations Internet Solutions for (602) 416-6422 800-373-2499 x6422 Growing Businesses FAX: (602) 416-9422 http://www.primenet.com http://www.globalcenter.net ----------------------------------------------------------------------