dear all Does anyone heard or are deploying S.Spectrum for any IP service, and is IETF have any RFA for this purpose. Mano Manohar Menon System Engineer FNPP - DECS Subang Hitech Tel : 580 1697 Fax : 580 2003 >>> "Polinsky, Steven" <[EMAIL PROTECTED]> 12/07 3:07 AM >>> "J. Noel Chiappa" <[EMAIL PROTECTED]> writes: > Perry, I'm curious about the technical aspects of the problems you're seeing, > in particular: > > Are the problems you are seeing due to i) the need for NAT boxes to grope > around in packets, ii) the fact that hosts don't have permanent, globally > visible internetwork-level 'names', or iii) something else (e.g. complex > configuration management)? To me the biggest problem here, is the common situation such that companies have separate (and necessary) Internet and Remote Access firewalls. RA firewalls exist in multiple global locations within an enterprise. Multiple instances of the same Private addresses would enter (or exit) the enterprise network via Private lines from different companies if not for careful configuration management across and negotiation between "NAT Administrators", within the enterprise, and between enterprises. The most difficult part is the negotiation with client/vendor site NAT Admins as to who should NAT which addresses into which addresses. We often need to negotiate between 3 RA connected companies. Not only is this painful, but one can never sleep comfortably, knowing that a NAT Admin at a 3rd company will not make a mistake and connect someone new at our NATed address. There are not enough Private Addresses to go around. I would propose that an additional block of addreses be added to those designated in RFC1918. That would be a big practical help. Steven Steven M. Polinsky Vice President, Information Technology Goldman, Sachs & Co. 180 Maiden Lane New York, NY 10038 212-902-3669
