===========================================================================
CCR Review #43A
Updated Monday 29 Mar 2010 2:15:28pm EDT
---------------------------------------------------------------------------
Paper #43: Investigating the Impact of Service Provider NAT on Residential Broadband Users
---------------------------------------------------------------------------

Timeliness: 5. This topic is likely to become hot in the next year
Novelty: 1. Little to add to existing work
Technical correctness: 4. Only minor technical errors
Clarity: 5. Lucid
Recommendation: 3. Reject

===== Summary of contribution =====

This work uses DSL traffic traces to conduct a simulation study of the workload of an SPNAT session table. Two parameters are evaluated: the rate of table insertions + deletions and the peak size of the table. The authors find that a significant number of table entries are due to single-packet UDP flows and propose using a shorter inactivity timeout for single-packet UDP flows to substantially reduce the table size.

===== Detailed comments =====

This is an interesting and important finding as it indicates how an SPNAT could fail by the "strange" behavior of a protocol (BitTorrent in this case). On the other hand, the proposed solution is not convincing: BitTorrent or other outliers could slightly change their behavior (sending, for example, two packets instead of one) in their next version to easily bypass the remedy. A sustainable and deployable solution to this problem cannot be based on the approach proposed by the authors. The detection and remediation of such unwanted behaviors (i.e., 10K concurrent UDP sessions) could and probably should be addressed externally of an SPNAT, by anomaly/intrusion detection systems, which could easily adapt their policies to the changing characteristics of BitTorrent and other similar outliers.

In summary, I do like this paper, but I do not find the contribution significant enough for publication in this journal.

Besides, I am still not fully convinced about focusing on the *maximum* per-user transaction rate and number of concurrent flows. The relevant quantity for an SPNAT is the *total* transaction rate and table entries of a group of users.
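
Added example, not part of the review or of the paper under review: a small simulation of NAT session-table occupancy under an inactivity timeout, comparing a uniform timeout with a shorter timeout for single-packet UDP flows, and then the two-packet case the review raises. The timeout values (300 s and 10 s) and the workload (one new flow per second) are constructed assumptions, not figures from the paper.

```python
# Constructed simulation; timeouts and workload are assumptions for illustration.

def entry_lifetimes(packet_times, long_timeout, single_pkt_timeout):
    """Return [create, expire) intervals of table entries for one UDP flow."""
    intervals, start, expire = [], None, None
    for t in sorted(packet_times):
        if start is None or t >= expire:
            # No live entry for this flow: a new one is inserted and, having
            # seen a single packet so far, gets the single-packet timeout.
            if start is not None:
                intervals.append((start, expire))
            start, expire = t, t + single_pkt_timeout
        else:
            # Second or later packet on a live entry: normal inactivity timeout.
            expire = t + long_timeout
    if start is not None:
        intervals.append((start, expire))
    return intervals

def peak_table_size(flows, long_timeout, single_pkt_timeout):
    """Peak number of concurrent entries over all flows."""
    events = []
    for pkts in flows:
        for create, expire in entry_lifetimes(pkts, long_timeout, single_pkt_timeout):
            events.append((create, 1))
            events.append((expire, -1))
    events.sort()  # at equal timestamps, deletions (-1) sort before insertions
    size = peak = 0
    for _, delta in events:
        size += delta
        peak = max(peak, size)
    return peak

def workload(n_flows, packets_per_flow, gap=0.5):
    """One new flow per second; packets within a flow are `gap` seconds apart."""
    return [[i + k * gap for k in range(packets_per_flow)] for i in range(n_flows)]

if __name__ == "__main__":
    one_pkt, two_pkt = workload(1000, 1), workload(1000, 2)
    print("uniform 300 s, 1-packet flows:      ", peak_table_size(one_pkt, 300, 300))
    print("10 s for single-packet, 1-pkt flows:", peak_table_size(one_pkt, 300, 10))
    print("10 s for single-packet, 2-pkt flows:", peak_table_size(two_pkt, 300, 10))
```

For an operator, the third case is the one to monitor: the table-size reduction depends on the flows staying single-packet, so per-subscriber entry counts remain a useful alerting signal whatever the timeout policy.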