Steven Bellovin wrote:
David Meyer wrote:
I do not agree. I remember discussing the concept with folks, a couple
of years before that; we agreed that NATs would be very challenging
because of the need for protocol-dependent packet inspection and
modification. Add to that an underestimate of how long it would take
before v6 was adopted, and a gross underestimate of how large the
Internet would be -- remember, IPng happened before the Web explosion --
and it was very easy to ignore the possibility of NAT, let alone the
renumbering and (questionable) firewall benefits of it. In retrospect,
sure, but in 1993-1994? It was not at all obvious.
While the features and aspects varied, the underlying concept was
pretty real in 1993.
I remember that in 1992/1993 I used a software called "term"
on my Linux box to forward multiple multiplexed TCP connections
through a regular modem dial-up. Since it sliced the data down
into very tiny chunks, supported priorities and lacked the
entire IP overhead, it was significantly better than SLIP/PPP
and you could still use telnet with an acceptably low impact
on echo responses while doing downloads on a 9600 bps dialup.
The beauty was, that you could make it work with *EVERY*
unix login (even through telnet!) as a vaniall user, no
admin rights required, not IP address assignment & routing config
issues, you simply compiled and started the daemon counterpart
on the remote end after login (doing I/O though stdin/stdout)
and all your local software would be sharing the IP address
of the dial-in machine. Somewhat similar to virtual
machines sharing their hosts network adapter through NAT these days.
-Martin