<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jul 21, 2014 at 11:42 AM, Seun Ojedeji <span dir="ltr"><<a href="mailto:seun.ojedeji@gmail.com" target="_blank">seun.ojedeji@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div> Below is the order that is experienced<br>
<br></div><div>1) We don't think <span id="e5cdd022-ddb9-44f6-955a-bb2127c6bcf4" class="GINGER_SOFTWARE_mark">its</span> necessary to change - <span id="acf1dfad-e138-4b9a-a33c-abffbe4f27f2" class="GINGER_SOFTWARE_mark">Infact this</span> is mostly the case and when <span id="1904c29e-1018-4afe-a97c-f8b963a4b048" class="GINGER_SOFTWARE_mark">ICT directorate</span> of an institution <span id="26ce0ffd-f973-4859-ab93-e738d03e6876" class="GINGER_SOFTWARE_mark">don't think</span> there is any benefit/need to run native v4 every other item below get stalled!<br>
</div></blockquote><div><br></div><div><br></div><div>[Counter] </div><div><br></div><div>a) So long as we are using NAT, the more users we worse performance will get. Show the IT director graphs that show that even though <span id="090edfec-1b9d-48e0-b236-2ec4d89c263c" class="GINGER_SOFTWARE_mark">Internet</span> is slow, we are still within our bandwidth usage. (The pain <span id="44c55674-d315-45a2-8da9-aa77e2f99234" class="GINGER_SOFTWARE_mark">here which</span> they feel is poor performance. <span id="fa195f0e-6478-4fa6-85c7-d6481ac038f7" class="GINGER_SOFTWARE_mark">Yes I</span>'ve used this before<span id="7914e8a3-4fb9-45dd-b354-5bd732fbc61c" class="GINGER_SOFTWARE_mark"> ...</span>successfully)</div>
<div><br></div><div>b) Let's start with the network engineers, eliminate NATs internally! Route your RFC1918 space to and NAPT at <span id="6beb12fe-04e7-442a-b6b5-f6edc07dd374" class="GINGER_SOFTWARE_mark">the the</span> edge. This has two implications</div>
<div><br></div><div> * You get visibility into your own internal <span id="7d7c4423-1417-4fa1-ba28-08e33a2ee015" class="GINGER_SOFTWARE_mark">nework</span></div><div> * You make it easier to see that NAT is the bottleneck because your NAT kludge is not distributed everywhere on the network. </div>
<div><br></div><div>c) It should be easy to make the case for a larger block of public IPv4 space for services. (<span id="7479eafa-e371-4431-ac57-239cdda73f9f" class="GINGER_SOFTWARE_mark">and</span> hint, if you work on some cool internal services that the management and users love but suddenly can't use them when they are not in the office on campus, then you have one more reason to justify what that service should be on a public IP address.)</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
</div><div>
<br></div><div>2) We understand the need to <span id="4b63c7a6-9975-44c1-abb0-4a0d0550371a" class="GINGER_SOFTWARE_mark">change but</span> scare of security implications<br></div></blockquote><div><br></div><div><br></div>
<div>[Counter] "What security implications are those?". Education is the first weapon against fear. "Look your fear in the eye and it will lose its power over you" </div><div><br></div><div>a) User behavior (clicking strange links, visiting hostile <span id="90b47024-87a1-4577-a3e8-c16db97aecc2" class="GINGER_SOFTWARE_mark">sites etc</span>) already <span id="a30b950e-7f70-4962-817b-5c1b41ab4b6d" class="GINGER_SOFTWARE_mark">by-pass</span> <span id="79ab0370-9633-46ac-b44c-a95f95c46402" class="GINGER_SOFTWARE_mark">whateve</span> security they think NAT provides.</div>
<div><br></div><div>b) SPI whence from the perceived benefits of NAPT come from isn't an inherent part of NAPT - it just happens to be often co-exist with a NAPT service. If for some reason you really want to do that with a public IP address, it is possible to do.</div>
<div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><br></div><div>
3) Our ISP is hindering our change due to extra recurring charges<br></div></blockquote><div><br></div><div><br></div><div>Specify your requirements that will work for you in your new RFP and put your ISP on notice. Only in rare cases does an institution not have options in ISP for a whole 3 years</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>4) Our management may not approve extra cost of internet (<span id="35c09cdb-04aa-4a84-9977-e03f65dc2949" class="GINGER_SOFTWARE_mark">its</span> not something to feel and touch like classrooms :))</div></blockquote>
<div><br></div><div><br></div><div>Most universities actually do highly value ICT as an investment to better the institution. The question is that does the ICT Director and his team know what the elements of effective ICTs are? So long as ICT infrastructure becomes another word for "Internet access" on campus, then of <span id="0ebf5b92-f8a3-4e61-9ed5-bdade034b8b5" class="GINGER_SOFTWARE_mark">course while</span> there is some Internet<span id="d8eb74cb-17ec-4e7e-872e-5d0856b1068a" class="GINGER_SOFTWARE_mark"> ...</span> there's no need to improve.</div>
<div><br></div><div>Effective ICTs <span id="de0ebe89-4b83-4742-a176-221e45087882" class="GINGER_SOFTWARE_mark">for</span> the service of education is quite a lot about putting in place infrastructure that helps students, staff and administration both on-campus and off campus. These services should be available on <span id="a8bddd6f-0102-4517-b745-cff20091c2ca" class="GINGER_SOFTWARE_mark">campus but</span> also when people move off campus. Things like</div>
<div><br></div><div>- MOOC or e-Learning services hosted on <span id="914cc8f5-1af7-477d-9912-abf9ead8af7d" class="GINGER_SOFTWARE_mark">campus but</span> that can be accessed off campus </div><div>- Online <span id="9190f6e0-5dee-414b-92a6-7feab2b367ad" class="GINGER_SOFTWARE_mark">registrations</span> systems</div>
<div>- Transcript application services</div><div>- <span id="a0bec618-44ec-4d54-baec-a6d10cf999e9" class="GINGER_SOFTWARE_mark">Time-tables</span> </div><div>- <span id="7dd44b19-f862-4c32-9932-1342acf9ed52" class="GINGER_SOFTWARE_mark">etc</span> <span id="4abab4ae-c824-4915-8e8c-43e3c4d0e479" class="GINGER_SOFTWARE_mark">etc</span></div>
<div><br></div><div><br></div><div>I have a <span id="1fdcb8d8-146e-48d1-939d-0595df6c54c4" class="GINGER_SOFTWARE_mark">philosphy</span> that one uses responsibility to buy freedom and credibility. I doubt that there's a university where the network and <span id="d82c44c0-6aed-4105-a6f8-a3cfd2d3e3b7" class="GINGER_SOFTWARE_mark">sys admin team</span> have worked hard to put in place a routed internal RFC1918 network with useful services and still fail to make the case of a large block of public space. If there are, I'm offering to help guide them how to make the case to their suits.</div>
<div><br></div><div>And no, a simple request to <span id="15fc30c7-b4d9-487f-9573-00d095d5759d" class="GINGER_SOFTWARE_mark">management</span> of let's get public IPv4 space for every user will most likely get ignored and ridiculed because of the mere size. If the top 10 universities on this continent decided to give each network user 1 public IP address, your <span id="80b86006-47a8-4cc5-9360-ecd0f2658c86" class="GINGER_SOFTWARE_mark">favourite</span> RIR's v4 space won't last a year.</div>
</div><br><br><br clear="all"><div><br></div>-- <br><br>Mukom Akong T.<br><br><a href="http://about.me/perfexcellence" target="_blank">http://about.me/perfexcellence</a> | twitter: @perfexcellent <br>------------------------------------------------------------------------------------------------------------------------------------------<br>
“When you work, you are the FLUTE through whose lungs the whispering of the hours turns to MUSIC" - Kahlil Gibran<br>-------------------------------------------------------------------------------------------------------------------------------------------<br>
</div></div>