On Feb 28, 2007, at 8:02 AM, Hallam-Baker, Phillip wrote:
The core assumption here seems to be that NAT is a bad thing so
lets get rid of NAT rather than trying to make NAT work.
...
The only protocol which really cares about the source and
destination IP addresses is IPSEC and we have discovered that is a
design error.
I guess you haven't been around the applications that have trouble
with this very much. Any client-server application works fine across
a NAT, as long as it is the client that initiates the connection. I
refer you to the history of RSIP, the complexities of peer2peer
applications, Melinda Shore's frequent attempts at a generalized
firewall traversal methodology, and all the other places in which
applications that require a means of connecting to a device that has
no address in your favored address space at the time you want to
connect to it.
Dismissing the notion using a bunch of fallacies isn't a very strong
argument.
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf