Although I am almost NEVER one to recommend a Microsoft product BUT MS Proxy server is actually a very nice product. You can assign a /29 or /30 (I usually give them a /29 since I assign /29's to home dsl connections and I have the network already subnetted). On the other side of the proxy you can use private IP's and it will do the translation automaticly or you can use IPX/SPX and it will automaticly function as a IPX to IP gateway. I don't think there is a proxy client for Unix (any flavor of unix) but they do have W95/98, W31 and mac. My only concerns would be how it would scale to large networks. It has the ability to function as a daisy-chained proxy server farm where each one shares the load but I don't have any experience with this setup. It also has access control (user a can only browse these web sites, user B can only telnet and ftp, no web...) and very detailed logging of users traffic. Both of these features I find sort of "unethical" (wrong word but you know what I mean) but in a corporate enviroment they require them. -Mike At 03:35 PM 11/10/98 -0500, you wrote:
Thus spake Owen DeLong
I think this misses the point. ARIN doesn't require or want you to SWIP your /30 and /32 allocations. A network that small just doesn't require that level of public contact visibility.
I think you missed his point though....with NAT/PAT technology.../30 and /32's from ISP's can indeed provide a whole corporate network with access (small corporate...not exactly Fortune 500 here, but you get the idea)...I second his point on this. We've got quite a few customers that are feeding whole networks with /32's...even providing web servers and mail servers via these NAT/PAT boxes that are available now. Just stating that the network only has one or two Internet available IP addresses and therefore its too small to be of significance is short-sighted at best. Many of these /32's for us have their own web administration, mail administration, and other local administration of many of their services. They use a single IP as almost an inherent firewall. Indeed, I have one customer that uses one of the NAT/PAT boxes to actually not have IP on their internal network at *ALL*. The box converts the TCP/IP to IPX/SPX...bizarre, but it works well for them. Anyway, they run their own mail server on this setup, and we do very little administrative functioning for them...DNS is it in this case.
As you've pointed out, you'll be doing most of the things that matter (from a contact perspective) for those customers. As such, it makes sense to use your larger block contact information instead of SWIPing such small networks. In fact, I'd rather see ARIN move the SWIP requirement back to /26 or so.
Put my vote in for allowing up to /32's. -- Jeff McAdams Email: jeffm@iglou.com Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456
------------------------------------------------------------- Mike Pistone pistone@eurekanet.com Systems/Network Administrator ph 614.593-5052 Eureka Networks, Ltd. fx 614.594-3632