>From: "james woodyatt" <jhw@wetware.com> > I could be wrong about this, but I really believe this is the root cause > of the NAT problem, not ignorant users or self-interested appliance > vendors. I don't believe that there's a NAT problem. There are many NAT problems, and the opportunity to use more addresses than are available to you is only one of them. It's increasingly the case that NATs are being used to enforce policy domain separation, including security, and to the extent that that function is established and spreading it's very much the fault of vendors. There's a challenge here, and that challenge is to support site-local policy in a way that's consistent with the design of the underlying technology. Right now the mechanisms that vendors are selling and users are buying are too willy-nilly not to break. Melinda