Re: Large ISPs doing NAT?

[Eliot Lear]

I don't know if this is an annual argument yet, but the frog is in the 
pot, and the flame is on.  Guess who's playing the part of the frog? 
Answer: ISPs who do this sort of thing.  Value added security is a nice 
thing.  Crippling Internet connections will turn the Internet into the 
phone company, where only the ISP gets to say what services are good and 
which ones are bad.  While an ISP might view it appealing to be a baby 
bell, remember from whence we all come: the notion that the middle should 
not inhibit the endpoints from doing what they want.  You find this to be 
a support headache?  Offer a deal on Norton Internet Security or some 
such.  Offer to do rules merges.  Even offer a provisioning interface to 
some access-lists.  Just make sure that when that next really fun game is 
delivered on a play station that speaka de IP your customers can play it, 
and that you haven't built a business model around them not being able to 
play it.

Eliot



mike harrison wrote:
> > On Monday, 2002-04-29 at 08:43 MST, Beckmeyer <beck@pacbell.net> wrote:
> >
> > > Is anybody here doing NAT for their customers?
> Tony Rall: 
> > If you're NATing your customers you're no longer an ISP.  You're a
> > sort-of-tcp-service-provider (maybe a little udp too).  NAT (PAT even more
>
> Depends on scale and application. We have lots of customers
> that we NAT, one way or another. And a lot more that we don't. 
> Some customers WANT to 'just see out' and they like all the 'weird stuff
> turned off'. Sometimes it's a box at the customers end, sometimes
> it's nat'd IP's on the dial-up/ISDN/FracT1/T1/Wireless connection itself. 
> Saying we are not an ISP because we do some NAT is a little harsh. 
> Giving the customer options and making things work (when done right, 
> and explained properly.... we have no sales droids) is good business
> and I think good for the 'net. It gives the clueless (and sometimes
> cluefull) just a little more isolation. 
> What is wrong is NAT'ing when you should not.