As Richard mentioned earlier, WAND has recently done some work on behalf of Alcatel looking at the viability of SP-NAT. In particular, I've been investigating the number of incoming connections to DSL customers for a NZ ISP - how many customers are accepting connections and how many connections are they accepting?

Long story short, over 40% of observed customer addresses accepted at least one incoming TCP connection over the time period we looked at (around 4 consecutive days, including a weekend). This ratio grows to be more than 60% when UDP is also considered, although the counts for UDP aren't as reliable. Most of the incoming connections are on either well-known p2p ports or high-number ports, suggesting a lot of customers doing some form of p2p.

More detailed results (plus pretty graphs!) can be found at http://www.wand.net.nz/~spa1/someisp/flow_counting/result_page.html#inbound

In addition, WAND also looked into the average number of outbound sessions that those same DSL customers were using. The main aim there was to determine how many customers it would be feasible to place behind a single SP-NAT device. The results of that can be found on the same web-page (just scroll up a bit).

Note that all these results are for a single ISP during a particular time period. It is very likely that other ISPs would see significantly different numbers depending on the profiles of the customers they tend to attract - warez monkeys vs Grandma, for instance.

Shane Alcock
WAND Network Research Group
University of Waikato

Nathan Ward wrote:
Hi all,
I'm attempting to get a bead on the importance of end-to-end IPv4.
By that I mean, home DSL user talking to another home DSL user.
This is something that would break if we ran out of IPv4 space tomorrow, and had to start putting customers behind service provider NAT (SP-NAT).
The two ways I'm looking at doing this are:

1) Using a vendor box on loan to do p2p packet inspection for a month or so. This will tell us about how much "p2p[1]" traffic there is on a network, compared to non-p2p traffic.

2) Getting a packet capture from somewhere on a network for an hour, or whatever is feasible in terms of storage and processing power. The target of the capture would be traffic to/from a certain block of an ISP's end user type customers (so, a DSL pool probably). Analyse this and match it against dynamic address pools.
   - Anything going out to another dynamic pool (as determined by one of those dynamic pool lists) is something that would be broken by SP-NAT.
   - Any new incoming connection is something that would be broken by SP-NAT.
If there's anyone that's interested in the following please let me know:

a) Helping me with some research
b) Getting some free intelligence on the type of traffic on your network (wave it in front of marketing, and drip feed them the pretty graphs whenever you want something from them)
My intent is to publish the results stuff freely, publicly and widely.
I'd even like to get to the point where we can do it regularly perhaps? Let me know if you're open to that.
-- Nathan Ward
[1] By this I mean file sharing, skype, etc. Stuff commonly identified with the "p2p" buzz word, as opposed to the technical peer-to-peer phrase.
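
The capture analysis described in option 2 and the inbound-connection count from the reply, as an added example that is not part of the original thread or WAND's own tooling. The packet tuples, the customer pool prefix and the dynamic pool list entry are all constructed assumptions using documentation address ranges.

```python
import ipaddress

# Constructed sample data. The customer pool, the "dynamic pool list" entry and
# every address below are assumptions (documentation ranges), not values from the thread.
CUSTOMER_POOL = ipaddress.ip_network("203.0.113.0/24")
DYNAMIC_POOLS = [ipaddress.ip_network("198.51.100.0/24")]

# (src, dst, proto, tcp_flags) summaries as a capture tool might export them.
PACKETS = [
    ("192.0.2.10", "203.0.113.5", "tcp", "S"),     # outside host opens to customer .5
    ("203.0.113.5", "192.0.2.10", "tcp", "SA"),    # customer .5 accepts
    ("192.0.2.11", "203.0.113.6", "tcp", "S"),     # outside host opens to customer .6
    ("203.0.113.6", "192.0.2.11", "tcp", "RA"),    # customer .6 refuses
    ("203.0.113.7", "198.51.100.20", "tcp", "S"),  # customer .7 opens to a dynamic-pool peer
    ("198.51.100.20", "203.0.113.7", "tcp", "SA"),
    ("203.0.113.8", "192.0.2.80", "tcp", "S"),     # customer .8, ordinary outbound session
    ("192.0.2.80", "203.0.113.8", "tcp", "SA"),
    ("192.0.2.53", "203.0.113.9", "udp", ""),      # UDP is skipped below
]

def spnat_impact(packets, pool, dynamic_pools):
    """Count customer addresses whose TCP traffic SP-NAT would break."""
    pending = set()     # (outside, customer) pairs with an inbound SYN seen
    accepted = set()    # customers that answered an inbound SYN with SYN-ACK
    to_dynamic = set()  # customers that opened a connection into a dynamic pool
    seen = set()        # every customer address observed in TCP traffic
    for src, dst, proto, flags in packets:
        if proto != "tcp":
            continue  # UDP has no handshake, so acceptance cannot be confirmed this way
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        seen.update(a for a in (s, d) if a in pool)
        if flags == "S" and d in pool and s not in pool:
            pending.add((s, d))
        elif flags == "S" and s in pool and any(d in n for n in dynamic_pools):
            to_dynamic.add(s)
        elif flags == "SA" and s in pool and (d, s) in pending:
            accepted.add(s)
    broken = accepted | to_dynamic
    return {
        "customers_seen": len(seen),
        "accepted_inbound": sorted(str(a) for a in accepted),
        "to_dynamic_pool": sorted(str(a) for a in to_dynamic),
        "fraction_broken": len(broken) / len(seen) if seen else 0.0,
    }

if __name__ == "__main__":
    print(spnat_impact(PACKETS, CUSTOMER_POOL, DYNAMIC_POOLS))
```

An inbound SYN that is answered with a reset (customer .6 in the sample) is not counted, so unanswered scans and probes do not inflate the accepted-connection figure.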