-----Original Message----- From: Tony Rall [mailto:trall@almaden.ibm.com] Sent: 30. aprÃla 2002 19:59 To: nanog@merit.edu Subject: Re: Large ISPs doing NAT?
On Monday, 2002-04-29 at 08:43 MST, Beckmeyer <beck@pacbell.net> wrote:
Is anybody here doing NAT for their customers?
I hope not.
If you're NATing your customers you're no longer an ISP. You're a sort-of-tcp-service-provider (maybe a little udp too). NAT (PAT even more so) breaks so many things that it would be unconscionable to advertise as an ISP. Even some tcp apps fail under NAT. The NAT box may include a number of "fix-ups" but such will never be equivalent to giving the customer a public address.
well.. yes and no. depends on definition and how you set the services. i don't know how you treat this in u.s. but in europe gprs is mostly considered being a value-added service to gsm instead of a real internet connectivity replacement. if you think of gprs a bit it will never have enough capabilities to serve as a full-time inet service. it's a great solution for accessing your data remotely but it's very limited in means of capacity and then you have those 'pdp-contexts' or how they call it. it's just another acronym for a vpn... if a corporate user requires full ip connectivity then why not give him a vpn uplink directly to their hq and the users can safely use private addresses according to corporate policy. in this way gprs is very similar to mpls. i have worked on gprs-mpls vpn integration and it works just fine.
An Internet Service Provider gives the customer a full connection to the Internet. All IP protocols should work.
you also may give the [common] user an opportunity to have 'limited' service set (so you can use private addresses + nat/pat) for lower price or pay a bit more for 'full' service. i think the 'limited' in real life can safely cover requirements of 95% of the customers. do you think they will download mp3's and avi's via gprs? how? :)) from my point of view if you cover http, e-mail and various similar services you will provide most user with more than they ever would expect, wouldn't you?
I'm in favor of using NAT only where there is a good argument for it and the customers are given the straight story about what they're buying and what it won't be able to do. Don't call yourself an ISP.
...
Tony Rall
deejay -- Tomas Daniska systems engineer Tronet Computer Networks Plynarenska 5, 829 75 Bratislava, Slovakia tel: +421 2 58224111, fax: +421 2 58224199 A transistor protected by a fast-acting fuse will protect the fuse by blowing first.