In a message written on Sat, Feb 11, 2012 at 09:19:46AM +0900, Masataka Ohta wrote:
> The applications can simply be debugged to use the socket option of REUSEPORT.
"Simple" is subjective. Keep in mind many users will have a home gateway which also does NAT. And indeed double NAT in the home (router doing NAT, third party device doing NAT) is depressingly common. That means some of the troubleshooting will be via a triple-NAT if the carrier is performing the conversion.
> Are you saying we MUST record all the IP addresses and port numbers of all peers of your customers to prevent illegal things?
If the carrier NATs, maybe. Today port information need not be stored, because an IP is assigned to a customer. Law enforcement can come request who was using an IP, and be given the customer information. It's what everyone has come to expect. It's also not just what is legally required, but what is administratively friendly. Will the law say you have to track ports with carrier grade NAT? Probably not. Will law enforcement spend a lot more time with your staff trying to track down bad people, costing you time and money, if you don't? Probably. Large operations tend to find that having a cost effective and staff time effective way to deal with law enforcement is very important.
> IPv6 means considerably more headache and support costs than using NAT cleverly and simply.
When IPv4 addresses are selling for $100 an address that equation changes quickly. That day may be only a few months or years off.

-- 
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
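
The attribution point in the reply above, as an added example that is not part of the original message: behind a carrier NAT, a public IP plus a timestamp matches several customers, and only IP, source port and timestamp together narrow it to one. The port-block lease format, the Lease and candidates names, and the sample records are assumptions constructed for illustration (documentation address 198.51.100.7, made-up subscriber ids).

```python
from datetime import datetime, timezone
from typing import NamedTuple, Optional


class Lease(NamedTuple):
    """One hypothetical CGN log record: a block of ports on a shared public IP."""
    public_ip: str
    port_lo: int
    port_hi: int
    start: datetime   # inclusive
    end: datetime     # exclusive
    subscriber: str


def ts(text: str) -> datetime:
    """Parse an ISO timestamp and treat it as UTC."""
    return datetime.fromisoformat(text).replace(tzinfo=timezone.utc)


# Constructed sample data, not taken from any real network.
LEASES = [
    Lease("198.51.100.7", 1024, 2047, ts("2012-02-11T00:00:00"), ts("2012-02-11T06:00:00"), "cust-A"),
    Lease("198.51.100.7", 2048, 3071, ts("2012-02-11T00:00:00"), ts("2012-02-11T06:00:00"), "cust-B"),
    Lease("198.51.100.7", 1024, 2047, ts("2012-02-11T06:00:00"), ts("2012-02-11T12:00:00"), "cust-C"),
]


def candidates(leases, public_ip: str, when: datetime, port: Optional[int] = None):
    """Return the subscribers that could have sourced traffic from public_ip at `when`.

    With port=None this models a request that only carries IP and time,
    which is all that was needed when one IP meant one customer.
    """
    hits = set()
    for lease in leases:
        if lease.public_ip != public_ip:
            continue
        if not (lease.start <= when < lease.end):
            continue
        if port is not None and not (lease.port_lo <= port <= lease.port_hi):
            continue
        hits.add(lease.subscriber)
    return sorted(hits)


if __name__ == "__main__":
    when = ts("2012-02-11T03:00:00")
    print("IP + time only:  ", candidates(LEASES, "198.51.100.7", when))
    print("IP + time + port:", candidates(LEASES, "198.51.100.7", when, port=2500))
```
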