Re: Do we still need Gi Firewall for 3G/UMTS/HSPA network ?
At 12:19 AM 4/10/2009, Rubens Kuhl wrote:
On shared media like radio access, every unwanted packet means less performance you will get out of the network. This can be done by NAT, stateful filtering with public IPs or stateless filtering with public IPs; the advantage of doing NAT is making it easier for the end-point software to know that (two ways: noticing your local IP address is from RFC1918 space, or connecting to a server that tells your IP in order to compare it to the local address).
As such, GPRS, EDGE, EVDO, HSPA, LTE and Mobile WiMAX services have good reasons to use NAT, and most do.
Speaking of unwanted traffic, I was quite surprised how much unwanted traffic I see on my RFC 1918 space that's given out by one of the Canadian telcos -- i.e. this is behind the giant natting firewalls.... Blocking all inbound traffic and logging to pflog (pcap format). It's full of cruft like this:

0[i7]# tcpdump -nr /var/log/pflog | head -2
reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog file)
16:01:09.899554 IP 10.141.184.158.2167 > 10.141.81.113.445: Flags [S], seq 2743613661, win 53760, options [mss 1360,nop,wscale 3,nop,nop,TS[|tcp]>
16:01:10.439516 IP 10.141.184.158.2167 > 10.141.81.113.445: Flags [S], seq 2743613661, win 53760, options [mss 1360,nop,wscale 3,nop,nop,TS[|tcp]>

Looking at the pflogs for the last 3 days of just port 445 and 135 scan traffic as well as the odd ping packet:

1[i7]# cat pflo* | tcpdump -nr - -w /tmp/scan.pcap port 445 or port 135 or icmp
reading from file -, link-type PFLOG (OpenBSD pflog file)
tcpdump: pcap_loop: bogus savefile header
1[i7]# tcpstat -r /tmp/scan.pcap -a
Bytes/sec = 0.4 B
Bytes/minute = 26.2 B
Bytes/hour = 1.5 KB
Bytes/day = 36.8 KB
Bytes/month = 1.1 MB
0[i7]#

Hmmm... considering some plans start at 1MB per month....

---Mike
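The pflog triage in Mike's post, as an added example that is not part of the original message: a Python script that tallies tcpdump text output (which hosts sweep which ports, how much of a data plan the dropped probes would eat) over a constructed sample modelled on the quoted lines. The per-packet wire sizes, the same-day capture window and the 1 MB plan are assumptions.

```python
import re
from collections import Counter
from datetime import datetime
# Constructed sample in tcpdump's text format, modelled on the lines quoted above
# (made-up addresses and times). Each line is one packet pf dropped and logged.
SAMPLE_LOG = """\
16:01:09.899554 IP 10.141.184.158.2167 > 10.141.81.113.445: Flags [S], seq 2743613661, win 53760, options [mss 1360,nop,wscale 3,nop,nop,TS[|tcp]>
16:01:13.000000 IP 10.141.200.7.3921 > 10.141.81.113.135: Flags [S], seq 2, win 65535, options [mss 1460]
16:01:14.000000 IP 10.141.200.7 > 10.141.81.113: ICMP echo request, id 512, seq 1, length 64
16:31:09.000000 IP 10.141.184.158.2169 > 10.141.81.115.445: Flags [S], seq 3, win 53760, options [mss 1360]
"""
# Assumed wire size per probe (IPv4 header included): the quoted output has no length field
WIRE_BYTES = {"syn": 60, "icmp": 84}
LINE_RE = re.compile(r"^(\d\d:\d\d:\d\d\.\d+) IP (\S+) > (\S+): (.*)$")

def split_addr(token):
    # '10.1.2.3.445' -> ('10.1.2.3', 445); a bare IPv4 address (ICMP) -> (addr, None)
    parts = token.split(".")
    return (".".join(parts[:4]), int(parts[4])) if len(parts) == 5 else (token, None)

def parse_line(line):
    # One dropped probe as a dict, or None for lines that are neither SYN nor ICMP
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, src, dst, rest = m.groups()
    if rest.startswith("ICMP"):
        proto = "icmp"
    elif "Flags [S]" in rest:  # bare SYN: nobody behind the firewall asked for this
        proto = "syn"
    else:
        return None
    dst_ip, dst_port = split_addr(dst)
    return {"ts": datetime.strptime(ts, "%H:%M:%S.%f"), "src": split_addr(src)[0],
            "dst": dst_ip, "port": dst_port, "proto": proto, "bytes": WIRE_BYTES[proto]}

def summarize(log_text, plan_bytes_per_month=1_000_000):
    # Tally the probes and estimate the share of a monthly plan they would consume.
    pkts = [p for p in map(parse_line, log_text.splitlines()) if p]
    span = max((pkts[-1]["ts"] - pkts[0]["ts"]).total_seconds(), 1.0)  # same-day capture assumed
    total = sum(p["bytes"] for p in pkts)
    per_day = total / span * 86400
    return {
        "by_port": Counter("icmp" if p["proto"] == "icmp" else p["port"] for p in pkts),
        "sweepers": {s: n for s in {p["src"] for p in pkts}
                     if (n := len({p["dst"] for p in pkts if p["src"] == s})) > 1},  # one source, several hosts
        "total_bytes": total,
        "bytes_per_day": per_day,
        "plan_fraction": per_day * 30 / plan_bytes_per_month,
    }
```

Run against `tcpdump -nr /var/log/pflog` output instead of the sample and the plan fraction is the number to compare with the tcpstat figures above.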
participants (1)
-
Mike Tancsa