ietf
[Top] [All Lists]

RE: NATs *ARE* evil!

2000-12-15 12:20:02
Well, let me correct myself.  It is more along the lines of firewall
security being broken in the sense of all firewalls would have to be open to
entire networks instead of limiting individual hosts.  IP would be broken in
the sense of routers not being able to distinguish which route to choose in
the case of multiple hosts having the same IP address but they are located
behind different firewalls, routers, etc in different enterprises.

Tina Iliff


-----Original Message-----
From: Iliff, Tina 
Sent: Friday, December 15, 2000 11:48 AM
To: 'Dave Robinson'; Keith Moore
Cc: M Dev; Sean Doran; ietf(_at_)ietf(_dot_)org; iab(_at_)iab(_dot_)org
Subject: RE: NATs *ARE* evil!


Yes!  TCP breaks due to the fact that "true" source/destination sockets
cannot be defined.  The destination would not know where to send a response
except in the case where DNS is used...unless I need to do more reading

Tina Iliff


-----Original Message-----
From: Dave Robinson [mailto:drobinson(_at_)endtoend(_dot_)com]
Sent: Friday, December 15, 2000 11:11 AM
To: Keith Moore
Cc: M Dev; Sean Doran; ietf(_at_)ietf(_dot_)org; iab(_at_)iab(_dot_)org
Subject: RE: NATs *ARE* evil!


What's the problem with locally significant addresses?  Having thousands of
10 networks will never present a problem unless those networks at some point
would like to talk to each other.  Is that where this whole discussion is
going (or coming from) - that ultimately the more NAT'ing we do, the more
headaches we're creating for ourselves en route to true global connectivity?

Dave

-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Friday, December 15, 2000 10:56 AM
To: Dave Robinson
Cc: Keith Moore; M Dev; Sean Doran; ietf(_at_)ietf(_dot_)org; 
iab(_at_)iab(_dot_)org
Subject: Re: NATs *ARE* evil! 


because in a NATted network the same addresses are used in different
parts of the network.  addresses are meaningless.



<Prev in Thread] Current Thread [Next in Thread>