nanog mailing list archives

Re: Where NAT disenfranchises the end-user ...
From: "Eric A. Hall" <ehall () ehsco com>
Date: Thu, 6 Sep 2001 23:49:00 -0500

"Charles Sprickman" <spork () inch com>

NAT has its place, and we have many happy customers that are quite
pleased with their NAT'd connections; some simple, some fancy.

NATs are a band-aid.

What irks me more than NAT are crappy protocols like FTP and H.323 that
make too many assumptions about how much of my machine I am willing to
expose in order to communicate using these protocols.

FTP was designed for ARPANET, H.323 was designed to work over ANY packet
network. Neither of them were designed for TCP/IP in particular.

They don't break the end-to-end design principles though. Neither do network
games, chat tools, and other peer-to-peer protocols that run in elected-server
or server-to-server modes.

The fact is that I can write an Internet-compliant application in about two
minutes that will break every NAT ever sold, simply because they don't have a
proxy for the protocol. NATs violate fundamental Internet principles. They
were broken from the start.
