Oliver Boehmer (oboehmer) oboehmer at cisco.com
Wed Nov 16 06:33:53 EST 2005

Mark Tohill <> wrote on Wednesday, November 16, 2005 12:20 PM:

> I sent this originally to BBA List. Hope I'm not off-topic.

Cc'ing bba list 
> We have DSL users coming in on 7204VXR's over L2TP VPDN acquiring
> static IP's, both gateways and small subnets (/29's for example).
> We suspect a lot of our users are not using their /29's and are
> NAT'ing etc. on their gateway addresses.
> Is there any relatively easy way of finding out this sort of
> information?
> Ideas spring to mind are ACL's, gleaning info from CEF (???), ip
> accounting....
> Has anyone ever come up against same problem or has an idea how this
> might work?

What are your objectives? To find out if your product is actually used
the way it is intended to, or if you might as well offer fixed /32
addresses only since most of the customers use NAT anyway?

CEF installs a /29 prefix and doesn't care or tell which addresses out
of this network has been used. IP accounting is a way, but it is
expensive. I would investigate Netflow (possibly sampled) and work from


