Greetings Dave, Having been one of the authors of this, and, at the time, unfortunately looking down the barrel of a CGN deployment (in AU). I can say, at least in our case, it had nothing to do with monitoring or intercept. In fact, CGN actually made that more difficult in some circumstances. And this was a carrier that definitely had that requirement. Chris On 17Mar2012, at 10.33, Dave Edelman wrote:
Some major stakeholders are under legal or regulatory obligation to supervise and control. A small number of control points makes this less awful to effect.
Dave Edelman
On Mar 16, 2012, at 16:21, "cdel.firsthand.net" <cdel@firsthand.net> wrote:
NAT at the edge is one thing as it gives an easy to sell security proposition for the board. But CGN controlled by whoever sitting between their NATs does the opposite.
Christian de Larrinaga
On 16 Mar 2012, at 19:35, William Herrin <bill@herrin.us> wrote:
On Fri, Mar 16, 2012 at 2:01 PM, Octavio Alvarez <alvarezp@alvarezp.ods.org> wrote:
On Tue, 13 Mar 2012 23:22:04 -0700, Christopher Morrow <christopher.morrow@gmail.com> wrote:
NetRange: 100.64.0.0 - 100.127.255.255 CIDR: 100.64.0.0/10 OriginAS: NetName: SHARED-ADDRESS-SPACE-RFCTBD-IANA-RESERVED
Weren't we supposed to *solve* the end-to-end connectivity problem, instead of just letting it live?
"We" forgot to ask if all the stakeholders wanted it solved. Most self-styled "enterprise" operators don't: they want a major control point at the network border. Deliberately breaking end to end makes that control more certain. Which is why they deployed IPv4 NAT boxen long before address scarcity became an impactful issue.
Regards, Bill Herrin
-- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
-- 李柯睿 Check my PGP key here: https://www.asgaard.org/~cdl/cdl.asc Current vCard here: https://www.asgaard.org/~cdl/cdl.vcf Check my calendar availability: https://tungle.me/cdl