<div dir="ltr"><div class="gmail_extra">So in short ICT directorate and or IT departments must learn to back their case to management - for NAT free networks with SOLID FACTS.<br><br><br><div class="gmail_quote">On 21 July 2014 12:44, Mukom Akong T. <span dir="ltr"><<a href="mailto:mukom.tamon@gmail.com" target="_blank">mukom.tamon@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jul 21, 2014 at 11:42 AM, Seun Ojedeji <span dir="ltr"><<a href="mailto:seun.ojedeji@gmail.com" target="_blank">seun.ojedeji@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div> Below is the order that is experienced<br>
<br></div><div>1) We don't think <span>its</span> necessary to change - <span>Infact this</span> is mostly the case and when <span>ICT directorate</span> of an institution <span>don't think</span> there is any benefit/need to run native v4 every other item below get stalled!<br>
</div></blockquote><div><br></div><div><br></div><div>[Counter] </div><div><br></div><div>a) So long as we are using NAT, the more users we worse performance will get. Show the IT director graphs that show that even though <span>Internet</span> is slow, we are still within our bandwidth usage. (The pain <span>here which</span> they feel is poor performance. <span>Yes I</span>'ve used this before<span> ...</span>successfully)</div>
<div><br></div><div>b) Let's start with the network engineers, eliminate NATs internally! Route your RFC1918 space to and NAPT at <span>the the</span> edge. This has two implications</div>
<div><br></div><div> * You get visibility into your own internal <span>nework</span></div><div> * You make it easier to see that NAT is the bottleneck because your NAT kludge is not distributed everywhere on the network. </div>
<div><br></div><div>c) It should be easy to make the case for a larger block of public IPv4 space for services. (<span>and</span> hint, if you work on some cool internal services that the management and users love but suddenly can't use them when they are not in the office on campus, then you have one more reason to justify what that service should be on a public IP address.)</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
</div><div>
<br></div><div>2) We understand the need to <span>change but</span> scare of security implications<br></div></blockquote><div><br></div><div><br></div>
<div>[Counter] "What security implications are those?". Education is the first weapon against fear. "Look your fear in the eye and it will lose its power over you" </div><div><br></div><div>a) User behavior (clicking strange links, visiting hostile <span>sites etc</span>) already <span>by-pass</span> <span>whateve</span> security they think NAT provides.</div>
<div><br></div><div>b) SPI whence from the perceived benefits of NAPT come from isn't an inherent part of NAPT - it just happens to be often co-exist with a NAPT service. If for some reason you really want to do that with a public IP address, it is possible to do.</div>
<div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><br></div><div>
3) Our ISP is hindering our change due to extra recurring charges<br></div></blockquote><div><br></div><div><br></div><div>Specify your requirements that will work for you in your new RFP and put your ISP on notice. Only in rare cases does an institution not have options in ISP for a whole 3 years</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>
<br>4) Our management may not approve extra cost of internet (<span>its</span> not something to feel and touch like classrooms :))</div></blockquote>
<div><br></div><div><br></div><div>Most universities actually do highly value ICT as an investment to better the institution. The question is that does the ICT Director and his team know what the elements of effective ICTs are? So long as ICT infrastructure becomes another word for "Internet access" on campus, then of <span>course while</span> there is some Internet<span> ...</span> there's no need to improve.</div>
<div><br></div><div>Effective ICTs <span>for</span> the service of education is quite a lot about putting in place infrastructure that helps students, staff and administration both on-campus and off campus. These services should be available on <span>campus but</span> also when people move off campus. Things like</div>
<div><br></div><div>- MOOC or e-Learning services hosted on <span>campus but</span> that can be accessed off campus </div><div>- Online <span>registrations</span> systems</div>
<div>- Transcript application services</div><div>- <span>Time-tables</span> </div><div>- <span>etc</span> <span>etc</span></div>
<div><br></div><div><br></div><div>I have a <span>philosphy</span> that one uses responsibility to buy freedom and credibility. I doubt that there's a university where the network and <span>sys admin team</span> have worked hard to put in place a routed internal RFC1918 network with useful services and still fail to make the case of a large block of public space. If there are, I'm offering to help guide them how to make the case to their suits.</div>
<div><br></div><div>And no, a simple request to <span>management</span> of let's get public IPv4 space for every user will most likely get ignored and ridiculed because of the mere size. If the top 10 universities on this continent decided to give each network user 1 public IP address, your <span>favourite</span> RIR's v4 space won't last a year.</div>
<span class="HOEnZb"><font color="#888888">
</font></span></div><span class="HOEnZb"><font color="#888888"><br><br><br clear="all"><div><br></div>-- <br><br>Mukom Akong T.<br><br><a href="http://about.me/perfexcellence" target="_blank">http://about.me/perfexcellence</a> | twitter: @perfexcellent <br>
------------------------------------------------------------------------------------------------------------------------------------------<br>
“When you work, you are the FLUTE through whose lungs the whispering of the hours turns to MUSIC" - Kahlil Gibran<br>-------------------------------------------------------------------------------------------------------------------------------------------<br>
</font></span></div></div>
<br>_______________________________________________<br>
rpd mailing list<br>
<a href="mailto:rpd@afrinic.net">rpd@afrinic.net</a><br>
<a href="https://lists.afrinic.net/mailman/listinfo.cgi/rpd" target="_blank">https://lists.afrinic.net/mailman/listinfo.cgi/rpd</a><br>
<br></blockquote></div><br></div></div>