Greetings Dave,
Having been one of the authors of this, and, at the time, unfortunately
looking down the barrel of a CGN deployment (in AU). I can say, at least in
our case, it had nothing to do with monitoring or intercept. In fact, CGN
actually made that more difficult in some circumstances. And this was a
carrier that definitely had that requirement.
Chris
On 17Mar2012, at 10.33, Dave Edelman wrote:
> Some major stakeholders are under legal or regulatory obligation to supervise
> and control. A small number of control points makes this less awful to
> effect.
>
> Dave Edelman
>
>
> On Mar 16, 2012, at 16:21, "cdel.firsthand.net" <[email protected]> wrote:
>
>> NAT at the edge is one thing as it gives an easy to sell security
>> proposition for the board. But CGN controlled by whoever sitting between
>> their NATs does the opposite.
>>
>>
>>
>> Christian de Larrinaga
>>
>>
>> On 16 Mar 2012, at 19:35, William Herrin <[email protected]> wrote:
>>
>>> On Fri, Mar 16, 2012 at 2:01 PM, Octavio Alvarez
>>> <[email protected]> wrote:
>>>> On Tue, 13 Mar 2012 23:22:04 -0700, Christopher Morrow
>>>> <[email protected]> wrote:
>>>>> NetRange: 100.64.0.0 - 100.127.255.255
>>>>> CIDR: 100.64.0.0/10
>>>>> OriginAS:
>>>>> NetName: SHARED-ADDRESS-SPACE-RFCTBD-IANA-RESERVED
>>>>
>>>> Weren't we supposed to *solve* the end-to-end connectivity problem,
>>>> instead of just letting it live?
>>>
>>> "We" forgot to ask if all the stakeholders wanted it solved. Most
>>> self-styled "enterprise" operators don't: they want a major control
>>> point at the network border. Deliberately breaking end to end makes
>>> that control more certain. Which is why they deployed IPv4 NAT boxen
>>> long before address scarcity became an impactful issue.
>>>
>>> Regards,
>>> Bill Herrin
>>>
>>>
>>> --
>>> William D. Herrin ................ [email protected] [email protected]
>>> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
>>> Falls Church, VA 22042-3004
>>>
>>
>
--
李柯睿
Check my PGP key here: https://www.asgaard.org/~cdl/cdl.asc
Current vCard here: https://www.asgaard.org/~cdl/cdl.vcf
Check my calendar availability: https://tungle.me/cdl
