On Mon, 26 Nov 2001, Rinka Singh wrote:
Any NAT would be able to translate both ways - OK it would stumble if
there was end-to-end encryption but a small device may not have
encryption capability. It should be easy to add NAT (one would need a
router, firewall, gateway/gatekeeper anyway).
Not as easy as one may initially imagine. Think of complicated application
level protocols as H.323 which carry ip information in packets. Adding
support to NAT gateways would involve integrating gatekeeper/H.323 proxies
to routers. End-to-end encription is other area where NAT would be very
difficult to implement. There are many examples of "difficult to be
accomplished with NAT tasks" (like P2P networks) that could be easily
solved by expanding the amount of available addresses (like IPv6). Not
talking about the specific capabilities IPv6 integrates (AH, for example).
I'm not saying that almost same things could be performed by clever NAT
under IPv4, but let's use Occam's razor and follow the simplest way of
implementing things...
Regards,
Flavio.