I think the below statement provides important perspective. NAT is not the
Antechrist, nor is it salvation. Much of the work on "improving" NAT seems
much like "improving" the Band-Aid so it will last for a year, although no
one wears one for more than a couple of days! When IPv6 is deployed and
everyone's toaster can have its own IP address, I suspect that most folks
will be perfectly happy to decommission their NAT boxes.
Firewalls are another and likely more significant issue. However, focusing
on firewalls narrows the issue considerably; how many corporations are
concerned whether their firewalls are Quake-friendly? For those protocols
that are of interest to users of firewalls, the necessary work can be done
to either build ALGs, figure out tunneling methods, or design
firewall-friendly protocols; that work will be driven by a business need,
rather than an academic discussion of what "should" work.
It's important to know which protocols are broken by NAT and firewalls --
Keith Moore's work on that is very useful. But does each instance of
"breakage" represent something that needs to be "fixed"? Part of this
problem (NAT) will almost certainly go away; the other part (firewalls)
requires at most a subset solution.
Maybe we're trying too hard? :-) -- Ian
-----Original Message-----
From: Tony Dal Santo [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 30, 1999 8:29 AM
To: [EMAIL PROTECTED]
Subject: Re: IP network address assignments/allocations information?
[snip]
While NAT is an adequate stopgap solution to IP address dilemmas, in my
opinion, it shouldn't be the final solution.
[snip]
