Jimmy Hess <mysi...@gmail.com> writes: > On 4/6/13, Matthew Kaufman <matt...@matthew.at> wrote: >> On 4/6/2013 6:24 PM, cb.list6 wrote: >> >> I'd love to see a CGN box that is cheaper than IPv4 addresses currently >> are on the transfer market. > > You mean like a few linux servers running iptables nat-masquerade? > > You think the "Carrier Grade" in "Carrier Grade NAT" isn't just a > rhetorically constructed distraction, from the fact that simple NAT > may be implemented, and yeah, end users are certain to experience > annoyances, either way...
Forget about the "annoying users" part; the "carrier-grade" part of CGN is all about not annoying the service provider. As far as I'm aware, iptables does not include deterministic port translation based on source address, nor easy-to-configure hooks for CALEA [*]. It may well turn out that once one factors in support your costs are higher with large scale NAT-on-Linux than if you'd sucked it up and coughed up a quarter mil for an appliance. -r [*] I'd love to hear that I'm wrong on this count, but a how-to document that explains how one can lovingly handcraft such a thing as opposed to a special refactored distro that's ready to plug-and-chug appliance style will only serve to reinforce my assertion.