"Perry E. Metzger" wrote:
>
> Randy Bush <[EMAIL PROTECTED]> writes:
> > get real. a LOT of folk have deployed nat, hundreds every day. it's easy.
> > it solves the customer's perception of their problem. it's not expensive.
>
> It is *astonishingly* expensive. It only seems cheap until you have to
> maintain it. And yes, I'm going by Actual Live Customer Experience In
> Actual Live Large Companies.
The counter argument is that for the Home Networking case, which is a
HUGE market, it is indeed cheap and easy to use. Please accept THAT
reality.
NAT can be used for a variety of things. Perhaps we can agree that it's
a good hammer when the nail is a home network, and concentrate on what
to do about the large corporation issue.
> I'll keep posting this so long as people keep on with the "NAT is
> cheap and works well" myth. NAT is a fine solution for someone running
> three Macs and a Linux box behind a cable modem. It does not, however,
> scale, and This Costs Big Time. If you expect to run a large
> enterprise on NAT, be prepared to do the moral equivalent of ripping
> up $100 bills and flushing them down the toilet, hour after hour.
Fine. Let's focus on your corporate use of NAT issue, since that's where
you have problems. I, for one, would like to hear more about how these
companies are using NAT, and perhaps we can from there work toward some
solutions.
I'd suggested the other day allocation of a block of addresses, to be
handed out by a registry in small chunks, specifically for use in
interconnects between companies. I had heard lots of rumblings in the
past that this is where NAT in large companies was causing trouble. From
the lack of any response, perhaps the problem is otherwise. Since you're
having such troubles, and since many of us apparently don't understand
the situations where you're getting into trouble, please enlighten us.
I've generally been of the opinion that NAT is a very workable solution
for the small office and home network, and questionable for larger
networks. Sounds like you're saying the same.
--
-----------------------------------------------------------------
Daniel Senie [EMAIL PROTECTED]
Amaranth Networks Inc. http://www.amaranthnetworks.com
