Dan Wing wrote:
> Such 1-for-1 address rewriting does not provide the topology
> hiding that many people seem to like of their existing NAPT
> devices, nor does such 1-for-1 address rewriting obscure the
> number of hosts behind the NAT. Such obscuring can be useful
> for certain businesses (there are, today, small ISPs in certain
> countries that do not want their country's PTT to know the
> ISP's actual market share, for fear tariffs or advertising to
> compete with the small ISP will be increased).
>

Note that the approach proposed in an earlier e-mail (and quoted below) provides the "topology and number of hosts obscuring" you discuss.
It does it without any NAT in the middle.

""If a client host takes a new randomly chosen "privacy IID" for each of its outgoing connections:
(1) its address and its chosen port will keep their E2E significance;
(2) no one will know where it is in its site;
(3) any attempt to call such an address will fail;
(4) the host will easily clean up its state when it knows a connection is finished, or when it resets, or when its power is turned off;
(5) no stateful logic is needed in any intermediate box;
(6) intermediate boxes are not concerned with protocols used (UDP, TCP, SCTP...).""

RD
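The per-connection "privacy IID" scheme quoted in the message above, modelled from the host's side as an added example (not code from the e-mail or from any IETF document). The class name, the `2001:db8:0:1::/64` documentation prefix used to exercise it, the inbound check and the avoidance of the RFC 5453 reserved IIDs are assumptions of this sketch.

```python
import ipaddress
import secrets

# Reserved IIDs to skip (RFC 5453): all-zeros (subnet-router anycast) and
# the reserved subnet anycast range fdff:ffff:ffff:ff80 - fdff:ffff:ffff:ffff.
_ANYCAST_LO = 0xFDFFFFFFFFFFFF80
_ANYCAST_HI = 0xFDFFFFFFFFFFFFFF


class PerConnectionIIDHost:
    """Hypothetical model: one random 64-bit IID per outgoing connection."""

    def __init__(self, prefix):
        self.net = ipaddress.IPv6Network(prefix)
        if self.net.prefixlen != 64:
            raise ValueError("expected a /64 prefix")
        self.active = {}  # source address -> (remote address, remote port)

    def _random_iid(self):
        while True:
            iid = secrets.randbits(64)
            if iid != 0 and not (_ANYCAST_LO <= iid <= _ANYCAST_HI):
                return iid

    def open_connection(self, remote, port):
        """Pick a fresh source address; retry on the unlikely collision."""
        while True:
            src = self.net[self._random_iid()]
            if src not in self.active:
                self.active[src] = (ipaddress.IPv6Address(remote), port)
                return src

    def accepts_inbound(self, dst, src, sport):
        """Point (3): only the peer of a live connection matches; calls fail."""
        peer = (ipaddress.IPv6Address(src), sport)
        return self.active.get(ipaddress.IPv6Address(dst)) == peer

    def close_connection(self, src):
        """Point (4): state lives only on the host and ends with the connection."""
        self.active.pop(src, None)

    def reset(self):
        """Point (4): a reset or power-off forgets every address at once."""
        self.active.clear()
```

All state sits in `active` on the host itself, which is what points (5) and (6) rely on: nothing between the host and its peer has to track connections or understand the transport protocol.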