Unintended Consequences of NAT Deployments with Overlapping Address Space
نویسندگان
چکیده
This document identifies two deployment scenarios that have arisen from the unconventional network topologies formed using Network Address Translator (NAT) devices. First, the simplicity of administering networks through the combination of NAT and DHCP has increasingly lead to the deployment of multi-level inter-connected private networks involving overlapping private IP address spaces. Second, the proliferation of private networks in enterprises, hotels and conferences, and the wide-spread use of Virtual Private Networks (VPNs) to access an enterprise intranet from remote locations has increasingly lead to overlapping private IP address space between remote and corporate networks. This document does not dismiss these unconventional scenarios as invalid, but recognizes them as real and offers recommendations to help ensure these deployments can function without a meltdown.
منابع مشابه
Unintended Consequences of NAT Deployments
This document identifies two deployment scenarios that have arisen from the unconventional network topologies formed using Network Address Translator (NAT) devices. First, the simplicity of administering networks through the combination of NAT and DHCP has increasingly lead to the deployment of multi-level inter-connected private networks involving overlapping private IP address spaces. Second,...
متن کاملA Re-examination of Network Address Translation Security
The use of Network Address Translation (NAT) has greatly expanded in recent years. While originally an address management technique it has often been used for security. However, there are many implementations of NAT that are inherently insecure. Recently investigation into some of these has shown increased potential for security holes in NAT deployments. An understanding of the risks associated...
متن کاملTracking the Big NAT across Europe and the U.S
Carrier Grade NAT (CGN) mechanisms enable ISPs to share a single IPv4 address across multiple customers, thus offering an immediate solution to the IPv4 address scarcity problem. In this paper, we perform a large scale active measurement campaign to detect CGNs in fixed broadband networks using NAT Revelio – a tool we have developed and validated. Revelio enables us to actively determine from w...
متن کاملManaging the Academic Computing Infrastructure in the Age of Automation
The computing infrastructure of the Department of Mathematics and Computer Science at the University of Wisconsin-Superior has evolved from a system that depended primarily on manual effort, to a system that relies heavily on automation. No single decision mandated automation; instead, automation came about as means to manage complex deployments, provide new capabilities, and utilize scarce res...
متن کاملSome Multidimensional Unintended Consequences of Telehealth Utilization: A Multi-Project Evaluation Synthesis
Background Telehealth initiatives have bloomed around the globe, but their integration and diffusion remain challenging because of the complex issues they raise. Available evidence around telehealth usually deals with its expected effects and benefits, but its unintended consequences (UCs) and influencing factors are little documented. This study aims to explore, describe and analyze mult...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- RFC
دوره 5684 شماره
صفحات -
تاریخ انتشار 2010