ietf

RE: NATs *ARE* evil!

2000-12-14 14:10:02
I could see valid cases for both reasons suggested below.  Another reason
from the customer point of view may be to lower costs.

Tina Iliff


-----Original Message-----
From: Tony Dal Santo [mailto:tmd(_at_)pt(_dot_)com]
Sent: Thursday, December 14, 2000 1:54 PM
To: Dennis Glatting
Cc: Sean Doran; ietf(_at_)ietf(_dot_)org; iab(_at_)iab(_dot_)org
Subject: Re: NATs *ARE* evil!



Dennis Glatting wrote:

On Thu, 14 Dec 2000, Sean Doran wrote:

So, why are people deploying them?

Just to name two...

1) With NAT I ask for much smaller address spaces. Consequently, I don't
have to disclose my network details, deployment is less likely to be
delayed, and both my non-recurring and recurring costs are lower.

2) I don't have to renumber my entire enterprise should I change service
providers, rather only the Internet interface devices.

What exactly is the state of the IPv4 "address pool"?  I realize there is
a PERCEIVED shortage, and this is usually the main motivation for NAT.
But is there a real shortage?  Are "reasonable" requests for addresses
being denied?

As for the renumbering hassle, if you have a small installation,
renumbering shouldn't be all that difficult (especially when using
DHCP).  For large installations, doesn't the organization own the
address pool, and take it with them when they change ISPs?  I know
this used to be the case.

If it isn't an address issue, is it a routing issue?  Is it that the
routing tables/protocols/hardware can't handle the large number of routes?
Are ISPs refusing to carry reasonable routes?  Seems to me if the entire
address space was broken up into subnets of 4096, there would be about 1
million routes.  What is the current size?  I think I remember seeing
numbers on the order of 50,000.

If there is a real shortage or routing problem, I understand the motivation
to use NAT.  There really wouldn't be a reasonable alternative.  But I have
yet to hear anyone claim that a reasonable request has been denied.  Based
on that, I tend to think most NAT installations are motivated by other
(and in my opinion less valid) issues such as "security".

Tony Dal Santo


