Melinda Shore wrote: ...
I'm not sure if you're arguing that there should be a comprehensive document presenting the technical problems introduced by NATs. I suspect there should be, although frankly this is one particular area where there's a clear and growing divide between this community and the network administrator community (particularly enterprise and residential). We've known about these problems for a very long time and the argument that these problems are a serious impediment to network {stability,robustness,whathaveyou} has not been accepted by the people who deploy real networks.
At this point I really don't think it's the case that we haven't made the argument well, or at sufficient volume. People who put NATs in their networks are usually responding to immediate or perceived needs, and I think it's frequently, if not mostly, the case that they understand what they're doing and simply don't have the luxury of being able to worry about the longer-term implications. In that context our arguments are sometimes perceived as condescending and out-of-touch. Because of that it becomes difficult for the "NATs cause problems" position to become sufficiently widely accepted to overcome the conventional wisdom that NATs provide security, etc. I imagine we're going to be running into a similar situation with the mad use of tunnels in the not-too-distant future.
Melinda
One of the arguments in favor of NATs has been efficacy - we have them, they're cheap, and when they work they work well and with no configuration.
Since we've been lacking a similar non-NAT solution, we (ISI) built one called TetherNet, as posted earlier:
http://www.isi.edu/tethernet
The other argument in favor of NATs is that they already exist, so we have to live with them. TetherNet takes a contrary approach, undoing the NAT-ing instead.
FWIW, the "seriousness of the impediments" (Michael Py) are felt wherever NATs are deployed. Things break - in various NATs, these 'things' include L2TP to secure email access, VoIP/teleconferencing, FTP, and many services that rely on servers on the local machine (e.g., Compaq's automated software update system). Other, less serious problems include stalled or very slow web and telnet connections. These breakages are often misattributed to host, router or DNS misconfiguration, OS glitches, or the network being down. Those who don't know better just live with a flakey or slow network.
Joe