Re: [expert] IP Masquerading, The ABCs of

[Stephen F. Bosch]

"Eric L. Brine" wrote:
> 
> > Even if masquerading works in this situation, you STILL have packets
> > with 192.168.0 headers going out onto the local subnet, and if your ISP
> > notices this, you're going to get your wrists slapped.
> 
> I don't believe that's the problem. The problems are security/privacy and
> bandwidth usage.

Ultimately the ISP has to block these packets at their routers, or they
get into trouble, so it's not a huge problem -- but all you need is for
two people on the same subnet to make the same mistake, and you've got
trouble.
 
> Bandwidth: All internal packets are also being sent over to the ISP. This
> can cause performance problems. For example, if the LAN is 100Mbps and the
> connection to the world is only 1 Mbps, a transfer from one machine to
> another on the LAN will be limited to 1Mbps.

Hadn't thought of that -- interesting =).
 
> Security: The ISP and possibly other clients can see your internal
> packets, and possibly even gain access to your private network.

Exactly.

-Stephen-