Home page logo

nanog logo nanog mailing list archives

Re[3]: Where NAT disenfranchises the end-user ...
From: Richard Welty <rwelty () averillpark net>
Date: Mon, 10 Sep 2001 14:18:46 -0400 (Eastern Daylight Time)

On Mon, 10 Sep 2001 14:06:14 -0400 RJ Atkinson <rja () inet org> wrote:

At 13:47 10/09/01, Richard Welty wrote:
in the case of IPSec, the IP addresses need to be preserved end-to-end
as part of the whole security scheme.

True, but ONLY because the Internet Architecture lacks an alternative
namespace that could identify the box associated with a given network
interface. (The IP address is used in this context to identify the network
interface associated with the Security Association).  So that's all true
today, but is driven by a shortcoming in the Internet Architecture.

perhaps, but this doesn't invalidate either his question or my answer
to it. this whole discussion is really pointless due to the fact that
right this minute, reality sucks, and cannot be instantly fixed by a
stupid flame war.

Richard Welty                                    Averill Park Networking
rwelty () averillpark net                                      518-573-7592

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]