So what you're saying is that NAT doesn't scale well, at least from a
management perspective. I'm not surprised. Again, I would suggest that NAT
is not a silver bullet, but rather a useful "hack" in some circumstances.
The situation you describe appears to be demonstrative of its limitations.
(BTW, one time I forgot to change the NAT rules when I moved my sendmail
server on my four-machine network, and....) :-)
But then again, I would expect that a large corporation would see the need
to own a large address space, rather than attempting to "pseudo-expand" its
address space through the use of NAT. (My company, with a fairly
substantial intranet, uses proxying as its internal solution.) Maybe I
don't understand the usage you're describing, but the point I keep trying to
make is that NAT isn't evil; that doesn't mean it solves every problem, OR
that it should be re-engineered so that it does. -- Ian
-----Original Message-----
From: Perry E. Metzger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 02, 1999 2:54 PM
To: Ian King
Cc: 'Richard Shockey'; Keith Moore; [EMAIL PROTECTED]
Subject: Re: IP network address assignments/allocations information?
Ian King <[EMAIL PROTECTED]> writes:
> And yes, additional IP addresses were going to cost dramatically more.
NAT
> was a simple case of economics... but on the other hand, I don't
experience
> any "lack" because of it.
You aren't a large corporation trying to deal with huge numbers of
private customer connections running over IP. When you've been
awakened in the middle of the night every night for a week, because
the NAT rules to deal with the fact that you have several
intercommunicating networks all of which think they're 10.0.0.0/8 have
become so complex no human can really remember them all any more,
you'd experience what many of the rest of us feel week after week. The
lack in question is a lack of sleep.
Anyone out there who thinks NAT works well and is harmless is not
familiar with how the brave new world of pseudo-internetworking
works.
"Oh, no. When we moved the mail hub for the client access networks in
location A, it seems no one remembered to update the NAT rules for the
systems in location C. That's why the help desk has been inundated
for three days..."
Perry
