ietf

Re: PAT

2000-08-16 08:20:02
> Keith Moore will tell you that you shouldn't bother with either PAT or NAT
> because they both violate the end-to-end connectivity convention of the
> Internet, and they break a long list of standard protocols (he will send you
> the RFC that lists several), and have been an evil band-aid on the IPv4
> address scarcity problem and have hindered progress by prolonging the use of
> v4 and forestalled mass IPv6 implementation.  Did I miss anything, Keith?

yes.

you should use NAT or NAPT only if you really understand the consequences
of doing so, both on current and future applications.  (Hint: if you think 
that they only break apps that send addresses over the wire, you don't 
understand the consequences.)  there are situations where NAT or NAPT
are harmless, but they are rare.

(note: I prefer the term NAPT to PAT, but I think they are equivalent.)

the impact of NAT on nonstandard application protocols is greater than 
the impact of NAT on standard protocols; this is largely because NATs
typically contain ALGs to work around their inability to support popular
protocols.  but the Internet exists to support many different kinds of
protocols - not just the (currently) standard ones, and it's very 
important that the Internet be able to support new kinds of applications.

my list isn't one of standard protocols that NATs break, but one of 
common and reasonable application assumptions that NATs break.
I wrote the list because people kept making incorrect assertions about
NATs.  you can use it to better understand the limitations of NAT.  you 
can also use it to write applications that are more compatible with NAT.  
see http://www.cs.utk.edu/~moore/what-nats-break.html

I don't know that NATs have hindered progress of IPv6 nearly as much
as they've hindered progress of certain kinds of applications.
NATs have delayed the exhaustion of IPv4 space, but people differ on
whether this is a good or bad thing.  My feeling is that we would
have needed NATs to some degree by now anyway, but that they are being
widely misrepresented and inappropriately used in many (most?) instances.

I'm not nearly so opposed to the well-informed, voluntary, intelligent 
use of NATs as I am to the misrepresentation of NATs.

Keith


