On Tue, 21 Sep 2004, Harald Tveit Alvestrand wrote: > > The point is which kind of applications you can reasonably expect to > > deploy behind an IPv4 NAT, and be happy. > > > > I agree with Harald that v4 NATs are going to be here a decade from > > now. But that's irrelevant, if those people using the NAT only use > > simple client-server applications. > > Well.... my house was behind 2 levels of NAT until last week. > Once i got rid of one level (the one I don't control), some of my > operational problems with keeping SSH sessions up simply went away. > And SSH is a client-server protocol. > > Don't underestimate the capability of badly implemented and/or configured > NATs to make things go boom in the night. FWIW, I don't think this is something that can be fixed whatever guidance the IETF would give. NATs will always need to keep some state for all the protocols, including TCP, and that state must be removed after a timeout. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf