Subject: Re: single-interface IPNat box?
To: Rafal Boni <rkboni@concentric.net>
From: Erik E. Fair <fair@clock.org>
List: current-users
Date: 06/17/1997 16:27:27
At 16:11 -0700 6/17/97, Rafal Boni wrote:

>The real reason for this message was not for us to find a way to cheat the
>ISP,
>but rather because we were curious if it was possible to set all the machin=
es
>up on one strand of ether and have the BSD box do NAT before forwarding on =
to
>the Ascend.

[begin minor rant]

It is not possible to cheat an ISP using NAT. You buy *bandwidth* from
them, and some amount of address space. NAT is one (ugly, evil) way to use
the address space more efficiently, and possibly the bandwidth more fully.
You can't exceed the bandwidth of the line you got from them (modem, ISDN,
T1, T3, etc.), so you have nothing to worry about - it's just as easy to
blow out an ISP's "average bandwidth usage" network engineering assumptions
using one machine as ten (which is why it's bad to make such assumption in
the first place), and if your ISP can't deal with that engineering reality,
then you should change ISP's.

[end rant]

Show me an ISP that sees NAT as "cheating" and I'll show you an ISP that
will be bereft of customers before very long.

	Erik <fair@clock.org>