Home page logo

nanog logo nanog mailing list archives

Re: Where NAT disenfranchises the end-user ...
From: "Eric A. Hall" <ehall () ehsco com>
Date: Mon, 10 Sep 2001 13:05:30 -0500

From: "Scott Gifford" <sgifford () tir com>

I've actually seen the question of how NAT breaks the Internet more
than a good stateful firewall come up more than once, and haven't
really seen a satisfactory answer.  Where does a stateful firewall
configured to only allow outgoing connections work that NAT doesn't?

Anywhere the IP address is a part of the protocol, and a proxy for that
protocol does not exist. Peer election protocols, replication protocols, etc.

Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]