
Re: Why people by NATs

2004-11-22 10:00:32
At 09:44 AM 11/22/04 -0500, Eric S. Raymond wrote:
> Who needs market research? All you have to do is look at the cost-feature profile of the most popular NATs and notice who they were designed for. Those vendors have already done the market research and bet real money on the results.

Yes, but be careful with that. What has happened at Linksys and others is that they have come up with a simple configuration that allows them to sell a pre-configured device to a client, advertise a few features that clients like, and sell them like hotcakes with little or no support costs. What the customer is buying is not, in most cases, "uses private addressing to separate your IP address space from that of your ISP so that if you move you will not have to reconfigure things." That may be what Linksys etc is selling, but what the customer is buying is "plug it in and it will work." Any configuration that gives the customer simplicity of implementation by a non-expert in the technology will meet their needs.

> To sum up, NAT gives me two features:
>
> 1. Multiple machines on the single-address allocation the ISP gives me.
> 2. Decoupling of my local network addresses from the ISP assignment.
>
> I hear a lot of muttering about NATs being evil. I really don't have an opinion on the subject -- I understand some of the theoretical problems, but they've never bitten me. So, asking as a network administrator, how would the implied problems be solved in an IPv6 world?

In an IPv6 world, I would expect your ISP to sell you a /64 at one price or a /48 at another. The /48 is for if you will subnet behind your firewall, which is to say "if you are a business". What your Linksys gives you is a fairly common residential configuration - a single LAN encompassing your home.

With said /64, you have 2^64 addresses inside your home. How much equipment did you say you had?

I submit that if your environment is at all like mine, you don't actually configure 192.168.whatever addresses on the equipment in your house. You run DHCP within the home and it assigns such. That being the case, you actually don't know or care what the addresses are on your equipment. You care that your SIP Proxy and etc know the relationships, and they derive them directly without your intervention.

The one address you actually do care about is that of the server you mentioned. If the server is behind the NAT, you have a configuration on the Linksys that translates a certain set of TCP and UDP port numbers when addressed to the Linksys to the interior address of the server, and when you change ISPs you will have to change that configuration. Frankly, while the task is different, I don't see a large workload difference between changing that configuration and changing a similar configuration that poked an incoming hole for web and mail traffic to your web and mail servers.

So I will argue that the value of (2) is ephemeral. It is not an objective, it is an implementation, and in an IPv6 world you would implement in a slightly different fashion.

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf