In message
<200012180225(_dot_)VAA22463(_at_)ginger(_dot_)lcs(_dot_)mit(_dot_)edu>, "J.
Noel Chiappa" writes
:
I mean, I can understand it is a temporary thing, e.g. if one company buys
another, and in gluing the networks together they temporarily leave the
bought company behind a NAT, but interface it to the world via the main
corporation's gateway/NAT. But using a NAT box adds a ration of complexity
(which is always bad and a source of potential problems), and using layers of
them increases the complexity, with attendant complexity costs. I have a hard
time understanding why people would add that much complexity, without a
darned good reason.
I mean, once you're behind a NAT box, you've got a *lot* of addresses to play
with (how many, exactly, depends on how you're doing it). This is puzzling to
me - what configurations are there out there that demand more address space,
internally, than you already get with one layer of NAT box? Or is there some
other reason I haven't figured out to have layers of address space?
Generally, this happens not because of an address shortage, but because
of unforeseen interconnections between NATted sites.
--Steve Bellovin