> From: Keith Moore <moore@cs.utk.edu>

> it seems disingenuous to blame the NAT problem on users when the NAT
> vendors are doing their best to mislead users about the harm that NAT
> does.

Oh, piffle. NAT's don't "harm the Internet", any more than a host of other things: "invisible" Web caches, ISP packet filtering (I can't run an SMTP server because my cable ISP are a bunch of fascist morons, so I have to run 'fetchmail' instead - which generates *more* traffic - but I digress), etc, etc. Many of those are far more problematic *in practice*, but don't seem to generate anything like as much heat.

(And I won't even get into policy stupidity relating to the Internet, such as the way in which some large commercial entities are using trademark and copyright law, the DMCA, etc as blunt instruments to bulldoze small players - the ToysRUs attack on the people running BondageToysRUs being merely the latest example to come to my attention.)

There are a number of good technical reasons for down-marking NAT's, but they aren't as terminally serious as some people claim, looked at from a far-off stance.

E.g. they do increase the fragility of the network, by moving state away from the endpoints. However, the pure end-end model (where all the intelligence is in the endpoints, and everything in the middle is dumb as a post) is too simple for today's network anyway - security alone demands that we be able to move some functionality to a "site border router", or some such. And in practice, the fragility of my NAT box is far less than the fragility of the routing - something that nobody seems to be anything like as greatly exercised by. So I discount that one. Etc, etc.

All of which leads me to a simple conclusion: one big reason that you and any number of other people are upset about NAT's has nothing to do with their technical shortcomings. Rather, what gets people so aggravated is that they are killing off the "preferred" alternative.

About which, let me also observe that that alternative is (in effect) a return to a misty golden age where IPvN was carried everywhere with no interference. Well, those days are gone forever.

Noel