Home page logo

nanog logo nanog mailing list archives

Re: FTTH CPE landscape
From: PC <paul4004 () gmail com>
Date: Fri, 5 Aug 2011 10:11:27 -0600

There continue to be many legitimate reasons why a consumer might not want
NAT on their connection.  I wouldn't' consider IPSEC the primary one, as
even having one side under NAT is generally not an issue in most cases if
it's the initiator (further skewing your netflow statistics to even less
than the 1% figure as a business case).

You've explicitly asked for a CPE without wifi (or one where the SP can
disable it).  Yes, I know you could buy a wireless "access point", but no
consumer will do that.  They will run to best buy and come home with a
"wireless router".  They when they want a "public" IP on _their_ router they
will (try) to follow all the guides on
xbox.com/slingbox.com/torrentsite.com/ that advise how to bridge the
Provider's CPE and run DHCP/PPPOE/L2TP/whatever on their linksys home
router.  They won't be able to do this with your service.

In turn two levels of NAT will break all sorts of stuff, including stuff
UPNP commonly handles today, only resolvable via a CPE that can bridge.
Stuff far more common than IPSEC.

Most other prominent access technologies supports bridging (ADSL, Cable,
etc.), it probably wouldn't be too much effort to have a tick box to do the
same for your consumer, consider bridging is typically supported in the
bottom of the CPE barrel.

On Fri, Aug 5, 2011 at 9:35 AM, Jay Ashworth <jra () baylink com> wrote:

----- Original Message -----
From: "Scott Helms" <khelms () ispalliance net>

Again, you're not in any way shape or form representative. IPSEC IS
less than 1% for residential Internet customers in the US and its not
even 30% for business accounts. I have visibility into access networks
around North America which gives me a sample size that is far larger
than required for statistical significance.

Which is fine, but it does *not* justify not putting the check on the
tick-list.  You merely assign it a lower weight.  "Whether to do it" is
a cost-benefit analysis.  "Not checking to see if you can have it for free"
is malpractice.

-- jra
Jay R. Ashworth                  Baylink
jra () baylink com
Designer                     The Things I Think                       RFC
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]