Re: 2.6 IPSEC + SNAT

In article <1065035768.2548.8.camel@ranjeet-pc2.zultys.com>,
Ranjeet Shetye  <ranjeet.shetye2@zultys.com> wrote:

| Here's my take on it.
| 
| NAT is not an elegant standard. It's a hack to provide a temporary fix
| for the IPv4 address space crunch. On the other hand, IPSec is a good 
| standard and is also mandatory for IPv6. Hence the focus should be on
| IPSec much more than on NAT.

I think you are starting from a totally incorrect premise. NAT is not a
solution to an address space crunch, it is a way to have many servers
behind a load balancing firewall, a way to have all outgoing mail come
from a single IP (that of the inbound mail cluster), and a way to make
all http clients have the same IP address (which doesn't accept any
incoming connections) as part of a total security approach, to name a
few uses.

In short it's a general purpose tool, and you are looking at a subset of
a single capability (hiding internal addresses, routable or not) as if
it were the whole purpose of the tool.

NAT is a valuable solution to many problems, and I don't think IPv6 is
going to reduce the usefulness of the tool. That's my read on NAT, it
needs to be a fully supported function of any network solution, which is
most easily done by planning for that from the early stages of any
implementation.

-- 
bill davidsen <davidsen@tmr.com>
  CTO, TMR Associates, Inc
Doing interesting things with little computers since 1979.