Steven Bellovin wrote:
>
> David Meyer wrote:
>
> I do not agree. I remember discussing the concept with folks, a couple
> of years before that; we agreed that NATs would be very challenging
> because of the need for protocol-dependent packet inspection and
> modification. Add to that an underestimate of how long it would take
> before v6 was adopted, and a gross underestimate of how large the
> Internet would be -- remember, IPng happened before the Web explosion --
> and it was very easy to ignore the possibility of NAT, let alone the
> renumbering and (questionable) firewall benefits of it. In retrospect,
> sure, but in 1993-1994? It was not at all obvious.

While the features and aspects varied, the underlying concept was pretty real in 1993.

I remember that in 1992/1993 I used software called "term" on my Linux box to forward multiple multiplexed TCP connections through a regular modem dial-up. Since it sliced the data down into very tiny chunks, supported priorities and lacked the entire IP overhead, it was significantly better than SLIP/PPP and you could still use telnet with an acceptably low impact on echo responses while doing downloads on a 9600 bps dialup.

The beauty was that you could make it work with *EVERY* unix login (even through telnet!) as a vanilla user, no admin rights required, no IP address assignment & routing config issues, you simply compiled and started the daemon counterpart on the remote end after login (doing I/O through stdin/stdout) and all your local software would be sharing the IP address of the dial-in machine. Somewhat similar to virtual machines sharing their host's network adapter through NAT these days.

-Martin