
By installing NAT, MIT stifles innovation - catherinezng
http://blog.achernya.com/2017/06/by-installing-nat-mit-stifles-innovation.html?view=classic
======
znpy
A lot of fuss, but if you look at the presentation slide in the middle of the
page
([https://4.bp.blogspot.com/-PyyPpTv1p7g/WU7hMEBnm4I/AAAAAAAAE...](https://4.bp.blogspot.com/-PyyPpTv1p7g/WU7hMEBnm4I/AAAAAAAAEZ0/IZSBv4d5G1kV2rCkpA-
DziMB_4o2ri0RQCLcBGAs/s640/MITNAT-Slide.png) for reference) it is clear that
MIT is not stifling anything or shutting anyone's mouth.

MIT is just moving to IPv6.

Actually... MIT forcing an entire generation of future engineers to deal with
IPv6... That will literally push innovation.

~~~
dheera
No. IPv6 is great in concept but the world just isn't ready for it yet. Even
our Google Wifi access points don't support IPv6 in their latest firmware, so
I have no way of using IPv6 even though Comcast supports it. AWS IPv6 support
has been sketchy until only this year. Many parts of the world are happily
dancing with their IPv4 NAT and their sysadmins have no incentives to support
IPv6 whatsoever.

Forcing people to use anything is _never_ a good way to promote innovation.

I went to MIT for my undergrad and doctoral studies. One of the _main_ reasons
I chose MIT over other schools was the ease of availability of static IP
addresses, unlimited symmetric gigabit bandwidth, no port restrictions, and
other things. I even mentioned this in my undergrad application essay. I built
a _lot_ of things with it and learned a lot in my time there. I probably
learned more outside of classes than in classes, and I think that's one of the
distinguishing aspects of MIT culture.

~~~
timdorr
> Forcing people to use anything is never a good way to promote innovation.

Of course it is. That's how innovation happens. They are focused on overcoming
a constraint of the system they operate within. In this case, it will be to
get around the limitations of the private IPv4 network, or to make the
upcoming IPv6 network easier and more appealing to use.

Most innovations are to overcome some sort of limitation, whether that is with
a man-made system or just the laws of nature as we currently understand them.
Unbounded innovation hardly ever occurs and usually results in some shitty
mobile game.

Now that's not to say MIT IS&T isn't behaving extraordinarily shitty here. But
this won't stifle innovation, just refocus it. Whether that's towards a more
worthy goal is certainly up for debate.

~~~
dheera
Innovation will happen, but it is heavily misdirected.

What if I'm a biology expert and want to run a server to demo something cool?
I should be spending my time doing innovation in biology.

What if I'm a deep learning enthusiast and came up with something cool to
demo? I should be spending my time hacking at that.

What if I'm a physics student and want to start a blog?

The majority of MIT students are awesome innovators, but most are not
innovators in TCP/IP. Forcing a bunch of people who are _not_ networking
specialists and sysadmins to deal with the lack of IPv6 support in the _rest
of the world_ is not going to promote innovation where it needs to be.

~~~
thwarted
Running a server isn't demoing something cool in biology, coming up with
something cool to demo in deep learning, or starting a blog. If these people
are going to spend their time doing innovation in biology, hacking on deep
learning, or writing about physics, they shouldn't be spending their time
running a server _or_ configuring IP.

~~~
dheera
Why not? It's 2017, and it's super-easy to spin up a server and code something
cool to demo something you did in any of these fields. Or spin up an MVP of a
random product idea you have. Never tell anyone that "they should not be doing
something" when they want to. That too stifles innovation. The idea is to
create a low-friction path for people to do what they actually want to do.

NAT is technological friction. Telling people that "they should not do
something" is also friction.

What about even just learning to write apps in your own time? I built dozens
of demo websites while I was a student there. A few were slashdotted. Having
IPv4 addresses and access to bandwidth from my bedroom was a _massive_
blessing.

The problem isn't configuring IPv6. The problem is without IPv4 you cannot
easily make a server that is guaranteed accessible from anywhere in the world,
by anybody. That's not a problem that most MIT students are in a position to
solve or innovate in a short time. At least not without spending money for an
AWS instance that frankly most undergrads don't have the money for.

Innovating in making an HTML5 app to demo your cool bioinformatics project on
the other hand is a weekend hackathon deal.

And servers are basically free at MIT. You can just pick up and assemble them
up off of reuse when labs throw away various parts. Plug them into your
gigabit ethernet socket in your bedroom, get an IPv4 address, and you're up
and running in less than an hour.

~~~
thwarted
_Why not?_

You're the one who said people should be spending their time doing innovation
in biology, hacking on deep learning, and starting a blog, rather than
learning how to configure and deal with networking.

If anyone wants to do those things, they can do them now and not have to worry
about installing and configuring servers and dealing with IP networking. Or
they can work on innovating in networking.

The fact is, however, that no one is going to say "if my server wasn't IPv6
only, _then_ people would read my blog". They'll most likely be saying that
because there's a lot of other content to consume on the Internet, and
attention is limited. And if that is the case, they can get a $5 a month
digital ocean instance, or one from any number of other providers, accessible
over IPv4 and IPv6, and serve both protocols to entire Internet.

Also, chances are, the audience for a physics student's blog is most likely at
some university, which has a good chance of having a working IPv6 stack;
especially now that MIT is going wholehog on IPv6.

------
ghshephard
Wow - 2603:4000::/24\. That's the largest block of IPv6 addresses I'm aware of
being handed out to a single entity.

Normally, ISPs get a /32, from which, they hand out /48s to their customer.
And, with pretty much zero paper work, and ISP can get a second /32 (usually
adjacent with their first /32 so they can summarize as a /31).

So - an ISP might get 2001:1868::/32 and then hand off 2001:1868:0209::/48 to
a customer.

Because a /48 allows 2^16 or 65k networks, each network containing
(effectively) an infinite number of hosts, pretty much every single geographic
region company can be effectively served with a single /48\. The /32 allows
the ISP to have 65K customer (each of which has 65K networks).

What on earth is MIT going to do with a 2603:4000::/24? I'd love to hear the
story behind why they got such a large block.

edit: according to
[https://www.arin.net/fees/fee_schedule.html](https://www.arin.net/fees/fee_schedule.html)
this is considered a "medium" (WTF?) allocation with a cost of $4k/year.

~~~
throwaway2048
It has nothing to do with amounts of addresses, and everything to do with
making dividing stuff up for routing easier.

A large ISP entity like comcast or AT&T can now have say a single /16 or /24
allocation and pretty much no matter how much they subdivide up their regional
routing, routing to AT&T can easily be coalesced and summarized , and every
end customer can still get a /64 till pretty much the end of time.

~~~
ghshephard
I totally understand why Comcast, AT&T, Verizon and other service providers
would want /16s. They are continent wide providers with millions of customs
(millions of sites).

I'm trying to grok why MIT went for a /24 instead of a /32\. Because they
could?

~~~
jedberg
Because they are replacing their /8\. They want to make sure they are never
constrained.

~~~
ghshephard
With their IPv4 /8 they had 2^24 IPv4 addresses to work with, or, from a
network perspective, 2^16 /24 (65K) networks, each network containing no more
than 254 hosts.

If they had requested a boring /48 IPv6 allocation (that anybody can have just
by asking) - they would have had 2^16 /64 networks, and each network could
have had basically an infinite number of hosts.

But, this is the IPv6 world, so I would have expected MIT to claim they were a
LIR (Local Internet Registry - equivalent of a small ISP or larger) - and
asked for a /32 - which would have given them 2^32 networks - or 4 Billion
networks to work with. They probably would have assigned the networks by
segmenting them on a per site basis - so each site would have had a /48
assigned, so they could have up to 65K sites, each site having 65K networks,
each network having (effectively) infinite number of hosts. That is, a /32
would have been far, far, far larger than their /8 was. Easier to manage as
well (no VLSM - nothing ever smaller than a /64) And, keep in mind, with a
single, no contest request, they could have gotten the /32 adjacent to theirs
(another 4 Billion networks, or 65K /48s) so they could aggregate on a /31.

Instead, they've asked for a /24\. And I'm just darn intrigued as to _why_
they think they can make use of such an address space. If they weren't
constrained with their /8, then a /32 would have been far more than they ever
required. (And odds are a /48 would have been sufficient with even modest
address management).

I mean, I work with really large mesh networks, millions of nodes, some of our
subnets have 20K nodes each on them - we roll out /48s like they are nothing,
and even after deploying a couple hundred customers over 10 years, and 25
million nodes, I think we've used up maybe 1500 /48s.

BTW - this doesn't even take into account that they can use RFC 4193 up the
wazoo for all sorts of interesting non-globally routable experimental internal
networks.

I"m just hoping someone from MIT is reading HN and will clue us in.

~~~
xenadu02
I don't see what the problem is. The IPv6 address space is so large it doesn't
matter at all.

~~~
Terr_
Isn't that what they once said about IPv4 when they were divvying it up?

~~~
ghshephard
Orders of Magnitude are completely different, of course. When MIT got it's /8,
(one of just 255 available), it gave them the ability to create 2^16 networks
with just 254 hosts on each one.

Now, _anyone who wants to_ can ask for a /48, and they are automatically given
it, and they are able to create 2^16 networks, each network with an
effectively infinite number of hosts on it. And, there are so many /48s on the
(current) Global Unicast space (prefixes starting with 001), that everyone on
earth could be granted 4000 of them. And, in reality, ISPs started already
conserving, and handing out /56s instead of /48s to most consumers/SoHo -
further increasing that number by 255x.

And that's just the 001 prefix. Based on what we learn about allocating space
there, new policies can be device for the other 6 prefixes available. We
aren't going to run out of IPv6 address space.

------
AndyMcConachie
MIT is selling its IPv4 space to fund its transition to IPv6. Didn't see this
link anywhere in the article.

[https://gist.github.com/simonster/e22e50cd52b7dffcf5a4db2b8e...](https://gist.github.com/simonster/e22e50cd52b7dffcf5a4db2b8ea4cce0)

------
yuhong
"The Library has the entire Net 18 address space registered at many hundreds
of publishers of licensed e-resources. With no prior notice, we have been
forced into non-compliance with our licenses with every such provider." I
wonder what if the publishers actually sued MIT and Amazon, with maybe a
injunction preventing Amazon from using the space.

~~~
inopinatus
That kind of statement is simply an institutional prelude to internal
negotiations for an increased departmental budget.

------
robertch
Projects have broken over this, with no real gain for implementing it. You
would expect more rationality from MIT, of all places.

~~~
KGIII
No, no I would not expect more rationality. I am an alum. I am long since out
of academia and have no idea what is behind this. However, if I had to guess,
I bet there is some inner politics. Just 'cause it is MIT doesn't mean it is
is free from human nature. And, truthfully, I've seen some petty things get
all sorts of dramatic.

We are humans. We're not rational beings, we're rationalizing beings. We like
to pretend we are better but there is a valid reason that they say science
progresses one death at a time.

------
kalleboo
I moved to student housing in Sweden in 2004 when they had aging network
infrastructure (all 100 MBit but that also applied to the shared links to the
housing areas[0]), and by the next year they just ditched the school-sponsored
network and moved to making students pay for third party internet
(distribution to rooms was still Ethernet-based but now with a citywide fiber
backhaul run by the municipal power company shared by regular apartment
buildings).

We got faster service with fewer restrictions (no P2P service filters) for
like $10/mo with student pricing, and still with fixed IPs.

I'm not sure why what innovative service a university can provide in this
space in 2017?

[0]which meant about 1000 rooms sharing 100MBit internet access. This was
somewhat mitigated by local DC++ networks in each housing area to keep piracy
downloads off the shared link.

~~~
acrefoot
Do you have to pay $10 per server you set up?

Also, by acting as the ISP, it also gets to be more protective of its log data
than an outside provider might be.

It's not that an outside ISP couldn't provide the same level of service and
speed at the same or less cost, while protecting the interests of the MIT
community, it's just that I don't expect it's as likely.

~~~
kalleboo
I don't recall the pricing for extra IPs but it was probably something like
that. I just had a stack of servers built out of donated parts in my dorm room
hosting different services on VHosts. At one point I was pushing 3 TB/mo in
outgoing bandwidth on that $10/mo plan.

------
jancsika
> Instead of being renumbered into publicly-accessible IP ranges, IS&T is
> moving all of campus into RFC-1918 10/8 addresses, and enforcing the campus
> firewall, which will be made up of Palo Alto 7050 devices, which are best
> known for their deep-packet inspection feature, App-ID.

Then later in the article:

> NAT deployment doesn't benefit the Institute in any way, other than to make
> things more difficult.

Possibly ignorant question-- could this choice be influenced by the
inescapable rise of cheap IoT devices flowing in from China?

I mean if a freshman arrives with a desktop rig they bought purposely to use
as an experimental server, and they explicitly register the software using a
web form, you can imagine a very loosy-goosy relationship among students and
IT built on good faith.

But if a freshman unloads their luggage and a few dozen random internet-
connected baubles drop out and start joining the network, what is IT supposed
to do? Especially considering MIT probably does a lot of research for DoD...

------
amq
I'm all for supporting innovation and community services, but I think author
is not mentioning other possible causes, like DMCAs, malware and spam
(including unintended), which could have damaged the reputation.

I just wonder why MIT didn't give more time to move and why it doesn't provide
a replacement in eg cloud credits.

~~~
jjoonathan
If it went down like it did at CMU, IT polarized into a camp that wanted to
maintain the traditional stack and a camp that wanted to tear it down and
replace it with contemporary cloud services. When the latter won, they wasted
no time in salting the earth of the former's territory.

Disclaimer: I wasn't actually party to any of this, I heard it second hand,
corrections welcome.

~~~
yuhong
So why did the latter win?

~~~
jjoonathan
The non-CS departments weren't huge fans of Andrew when I was there. Instead
of learning to use it, they would work around it. I suspect the tension
eventually came to a boiling point.

------
ChuckMcM
From the article:

 _NAT deployment doesn 't benefit the Institute in any way,..._

I have often had changes foisted upon me that when I looked at them I could
see no benefit. In every instance the 'benefit' I didn't see was one that I
typically didn't approve of and so hadn't listed in my set of 'possible
benefits'.

From reading the article though it sounds like MIT has had a very open and
loosely (if at all) documented set of features around network access. And in
today's world network access is many things more than it was 10 years ago. But
perhaps the process of going through and documenting all of the things they do
was 'too expensive' compared to setting it up the way the institution wanted
it to work and then dealing with any fallout as it arose.

Another in a series of signs that the Internet is moving from science project
to critical infrastructure.

~~~
compuguy
The benefit is that they can use the proceeds of the sale of the IP block to
upgrade their infrastructure.

~~~
ChuckMcM
Agreed and it doesn't seem to be one that the author considered.

------
jpace121
I wonder if any of this is related to the new NIST Standards[1], which have to
be followed by research labs who receive government funding. I could see MIT,
already having to retrofit a lot of their research networks, also changing
around the network architecture in other places aswell.

[1]:[http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP...](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf)

~~~
hawkling
Nah, NAT doesn't provide the security; firewalling does.

Besides, what kind of controlled unclassified information could possibly be
residing on dormitory networks?

~~~
russellbeattie
Sorry, but NAT provides practical security for all but the most pedantic use
cases.

I'm terrified of IPv6 for this exact reason - it assumes every device will
have direct access to the Internet. As we've seen with security cameras and
other IoT devices, they just aren't designed to protect themselves and are
easily hackable, so making them accessible to the wider Internet is crazy.
Firewall options for IPv6 for most home routers are limited at best at the
moment... I for one am quite happy to have all my local devices happily
running behind an IPv4 NAT (in addition to a firewall), knowing they can't be
targeted directly without some sort of concerted effort.

~~~
cr0sh
IPv6 supports NAT...

~~~
giobox
True, but I think its fair to say the crazy wide proliferation of IPv4 NAT in
consumer routers wouldn't have been nearly as large if IPv4 address exhaustion
hadn't been a very real thing forcing hands. IPv6, at least for the
foreseeable future, doesn't have this motivating factor for using NAT.

I completely agree in principle with the old adage "NAT is not a firewall",
but in reality it often effectively works as one for many consumers, many of
whom probably don't have the technical knowledge to understand the protection
it has indirectly afforded them for the past however many years.

------
betaby
Author got it wrong. MIT wants you to use IPv6.

~~~
imjustapie
How can MIT people use IPv6 when it hasn't been rolled out on campus yet? How
does it make any sense to put the campus (Ethernet) network behind a NAT, when
MIT still has 18.0.0.0/9, half of what MIT has before but more than plenty to
go around?

~~~
Reason077
NAT will make future sales of IPv4 blocks easier? As you say, MIT doesn't need
all those 8 million IP addresses, and eventually will adopt IPv6 anyway. Might
as well sell surplus v4 space while it's still valuable.

~~~
imjustapie
But why is MIT making money on those addresses more valuable than giving its
students an opportunity to experiment and innovate? Why would selling those
"unused" spaces to Amazon further the cause of IPv6?

Also MIT hasn't even rolled out IPv6 yet...

~~~
new299
Would the logic not be that the money will be spent on more useful things for
students?

~~~
imjustapie
Perhaps. I haven't seen public discussion on the plans to use the fund though,
other than vague promise that it will be used on Internet things.

~~~
rovr138
> Net proceeds from the sale will cover our network upgrade costs, and the
> remainder will provide a source of endowed funding for the Institute to use
> in furthering its academic and research mission.

Source:
[https://gist.github.com/simonster/e22e50cd52b7dffcf5a4db2b8e...](https://gist.github.com/simonster/e22e50cd52b7dffcf5a4db2b8ea4cce0)

------
imjustapie
kudos to this well-researched post. As a student with a server in a dorm room,
I really hope they don't take away my public IP address.

~~~
smoyer
There are advantages to being on a private network behind a firewall ... and
they could still offer a DNS name and routing to your computer if it was on a
private network. It's likely that the only difference is that you'd also have
to specify what ports you want exposed to the outside world. This is a win for
you from a security perspective - having additional layers of security won't
hurt you.

~~~
Symbiote
NAT is not an additional layer of security.

I run our servers on public IP addresses, behind a firewall. Troubleshooting
and debugging is made much easier, and there's never any conflict with VPNs
etc.

> It's likely that the only difference is that you'd also have to specify what
> ports you want exposed to the outside world

Port 80, please. With NAT, you can't offer that to more than one computer.

~~~
shif
But you can, a simple reverse proxy can let the same port be used for multiple
servers and pick based on hostname or query (for http).

reverse proxies like nginx also have plain tcp support so it allows you to
easily run several services

~~~
Symbiote
So, now I have to run a reverse proxy -- another point of failure, another
thing to debug when something's not working.

That's a hack to work around a shortage of IP addresses. Why would I use one,
when I don't have that shortage?

~~~
compuguy
Well, you can have tons of static IP addresses, or funding to support MIT and
future IT upgrades.

------
Dryken
Wish I had access to such resources during my education ! Too bad they are
breaking their own system.

------
unsignedint
Perhaps doing it over .onion?

Actually I have been experimenting this for my pet projects. Downside is that
it's relatively slow but getting "global" address is click (well a few lines
of config) away...

~~~
imjustapie
But that would just be ridiculous, considering that experimenting with Tor
relays is like a favorite student passtime...

~~~
unsignedint
You don't need to run a Tor relay in order to run a hidden service. I have
thrown in this idea as it's a dead simple (cheap/free, and you don't have to
coordinate with anyone) to get your stuff publicly, let alone for experimental
purpose.

~~~
kodablah
> You don't need to run a Tor relay in order to run a hidden service

In fact, you shouldn't run them both [0]

0 - [https://riseup.net/en/security/network-
security/tor/onionser...](https://riseup.net/en/security/network-
security/tor/onionservices-best-practices#dont-run-a-relay-at-the-same-time)

------
gumby
When I was at the Institute (80s) the IT services were a barrier to
computation. They had their big 390/VM system used for accounting and some
course 15 stuff. One intern digitized the Mens et Manus logo and IT excited
trumpeted that they had done so -- jeez it had been in a font on the Xerox XGP
at the AI lab for what, 15 years at that point?

All of course 6 ignored them, and I don't believe they had any impact with
Athena. Certainly they would have been upset by faculty writing the root
password on all the whiteboards.

In fact they had nothing to do with IP allocation (I doubt they knew what TCP
was). I wonder what bureaucratic maneuvering gave them control of that!

------
mintplant
At UCSD we not only got a public IPv4 address for each device but also an
automatic *.dynamic.ucsd.edu subdomain assignment based on the device
hostname. Came in handy for my Raspberry Pi.

~~~
imjustapie
Yep, that's the way it's traditionally been at MIT as well. The DHCP hosts get
things like DHCP-ipaddressspelledoutinenglish.mit.edu. The fear is that it's
all going away.

------
SadWebDeveloper
My college didn't have internet campus wise, you had access to a limited,
firewalled internet "protected" by Fortinet so i can't feel empathy for the
MIT alumni since you can perfectly work without those tools.

~~~
juniorpatcher
Sorry that your college doesn't see Internet access the same way MIT does. But
don't you think that by making its campus network more unnecessarily
restrictive, MIT is setting a bad example?

~~~
akhilcacharya
Not OP, but not really.

In the age of AWS, maybe it's time the elites see how the other half lives?

------
jonbarker
Who sold the IP addresses to amazon? That part was not clear to me.

~~~
compuguy
MIT did. They owned that ip block.

------
api
Does MIT have IPv6? If so just use that.

~~~
achernya
Author here -- MIT does not currently have IPv6. Although MIT did receive a
/24 IPv6 allocation,
[https://whois.arin.net/rest/net/NET6-2603-4000-1](https://whois.arin.net/rest/net/NET6-2603-4000-1),
it's not routable everywhere on campus yet.

Unfortunately, IPv6 deployment is still below 20% (as measured by Google,
[https://www.google.com/intl/en/ipv6/statistics.html](https://www.google.com/intl/en/ipv6/statistics.html))
so a publically-accessible IPv6 address is not yet sufficient.

~~~
astrodust
20% is starting to reach critical mass.

~~~
rocqua
I'm not switching my private network. This has nothing to do with wider
adoption, nor do I have issues with IPv6 as a protocol.

What's blocking me is router firmware. It can do IPv6, but only as an
afterthought. Sadly, no level of adoption is going to fix that, until I buy a
new router.

~~~
astrodust
Time for a new router, then, and by "new" I mean any produced in the last ten
years. I have several old routers in a junk drawer that only do 10/100 and
even they support it.

~~~
rocqua
It supports it, but DHCP and the firewall are much less configurable. Things
are exacerbated by my being behind 2 routers.

A router that fixes all this is at least 120. That is too much for me. I tried
dd-wrt, but that doesn't fix the first router on the chain.

------
cxseven
For everyone talking about this being merely a question of technical updates,
it might help to see this in the bigger picture of a pattern of changes going
on at MIT.

MIT had a very non-authoritarian, egalitarian culture, as Richard Stallman
described it:

"I went to a school [Harvard] with a computer science department that was
probably like most of them. There were some professors that were in charge of
what was supposed to be done, and there were people who decided who could use
what. There was a shortage of terminals for most people, but a lot of the
professors had terminals of their own in their offices, which was wasteful,
but typical of their attitude. When I visited the Artificial Intelligence lab
at MIT I found a spirit that was refreshingly different from that. For
example: there, the terminals was thought of as belonging to everyone, and
professors locked them up in their offices on pain of finding their doors
broken down. I was actually shown a cart with a big block of iron on it, that
had been used to break down the door of one professors office, when he had the
gall to lock up a terminal." ([https://www.gnu.org/philosophy/stallman-
kth.html](https://www.gnu.org/philosophy/stallman-kth.html))

In 2004, the MIT AI Lab was "upgraded" to the new Stata Center building, an
unwieldy, Frank Gehry-designed monument to a recent MIT president's ego, and
the antithesis of what it replaced, Building 20. Building 20 was a utilitarian
construction from WW2 with no pretenses of becoming a prized or permanent spot
on campus. Instead, its residents helped it organically acquired a character
of its own as Wikipedia describes well:

'Due to Building 20's origins as a temporary structure, researchers and other
occupants felt free to modify their environment at will. As described by MIT
professor Paul Penfield, "Its 'temporary nature' permitted its occupants to
abuse it in ways that would not be tolerated in a permanent building. If you
wanted to run a wire from one lab to another, you didn't ask anybody's
permission — you just got out a screwdriver and poked a hole through the
wall." [...] MIT professor Jerome Y. Lettvin once quipped, "You might regard
it as the womb of the Institute. It is kind of messy, but by God it is
procreative!" [...] Because of its various inconveniences, Building 20 was
never considered to be prime space, in spite of its location in the central
campus. As a result, Building 20 served as an "incubator" for all sorts of
start-up or experimental research, teaching, or student groups. [...] Building
20 was the home of the Tech Model Railroad Club, where many aspects of what
later became the hacker culture developed [not to mention pranksters and lock
pickers, as well].'

Sadly, the TMRC's elaborate railroad, which exhibited interesting pre-
miniaturization computation, didn't survive the dismantling of Building 20 and
was eventually replaced with modern components. I also hear the Stata Center
has two spires, one maddeningly named after Bill Gates, separating the two
fiefdoms of computer science at MIT in glass-paneled offices meant to flatter
status-conscious administrative types. Since Frank Gehry's architecture is
proprietary and depends on strict tolerances, there's scant building
modification going on.

That's why I think you can see these network changes as a tragic continuation
of a destruction of the historical character of MIT, even though they may also
be necessary.

More info about Building 20:

[http://web.archive.org/web/20011215020413/http://rleweb.mit....](http://web.archive.org/web/20011215020413/http://rleweb.mit.edu/Publications/undercurrents/under9-2/bld20rem.htm)

[http://web.archive.org/web/20060912140051/http://www.eecs.mi...](http://web.archive.org/web/20060912140051/http://www.eecs.mit.edu/building/20/)

[http://tech.mit.edu/V123/N40/40stata.40n.html](http://tech.mit.edu/V123/N40/40stata.40n.html)

------
hagakure0c
Its called progression, long time since the Trojan room coffee pot.

------
nly
Maybe they'll offer 1:1 NAT on-request?

------
gocolts23
Why does this blog require javascript?

~~~
microcolonel
Unfortunately because of Google. Dunno why they did that, it doesn't make it
any better; but it's not really the author's fault either.

~~~
jwilk
It's not obligatory to use Google products for your blog.

------
VT_Drew
MIT wasn't running NAT before now? WTF? Talk about a security nightmare.

------
akhilcacharya
I might be weird but I always think it's funny to hear what the elites
complain about. It's like hearing Yalies complain about their CS department or
someone at Harvard complain about the food - completely divorced from the rest
of us.

