[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ISP's who assign unrouteable addresses
>
> My company has encountered two ISP's, US West and MediaOne, who assign
> unrouteable addresses (10.x.x.x) to some of their customers. The ISP's
> run NAT in the head-end of their cable network or ADSL network to translate
> those addresses before they hit the Internet.
>
That may be OK, so long as the service provided is limited - such as
simple e-mail access.
Specifically, if the users are assured of only certain services that are
guaranteed to work and not others, I dont see this as a breach of service.
> Obviously, an end-user wanting IPSEC is in trouble.
>
I would be surprised if they are promised end-to-end IPSec as part of the
service level agreement (SLA).
> Any thoughts about how to deal with this problem?
This is a problem only if it violates the SLA between the service provider
and the customer.
> I personally don't
> mind NAT if it is performed at the boundary between a stub network
> and the Internet. The owner of that network can NAT and employ a
> security gateway if he needs IPSEC.
>
> On the other hand, I think ISP's that use NAT are short-changing their
> customers.
Is this opinion shared by the customers using the service? probably not.
> Is there anything we can offer a customer who is stuck
> with one of the unrouteable addresses?
>
> -Ben McCann
>
> --
> Ben McCann Indus River Networks
> 31 Nagog Park
> Acton, MA, 01720
> email: bmccann@indusriver.com web: www.indusriver.com
> phone: (978) 266-8140 fax: (978) 266-8111
>
cheers,
suresh
References: