

----- Original Message -----
> From: "Mark Andrews" <marka at isc.org>

> > You'll have to document "everyone has to work harder to provide me
> > services"; this is not my first rodeo, and TTBOMK, it's *transparent*
> > to the other end of any connection out of my edge network that it's
> > NATted at my end.
> >
> > As for incoming connections, it's transparent to them as well -- and
> > which ones are valid targets for such connections *is a policy decision
> > of mine*, not subject to external opinion.
> >
> > Could you clarify, in some detail, precisely how you get to TotC,
> > Blake?
> You are going to want your clients to work well with your NAT.
> Your vendor is going to have to spend money to do this. The cost
> of doing this will be passed on to everyone else that buys this
> client as a direct monetary cost and/or extra complexity in the
> product. The latter also increases the cost in maintaining the
> product. It also stops the vendor developing other products as it
> takes additional resources to do this work.

So far as I can tell, Mark, the only place where this becomes an issue
is in the design of protocols which violate layer independence[1] by baking
external transport layer addresses into fields in higher-layer frames;
this is inherently Broken As Designed, and isn't my fault, or problem.

I'll point out that such protocols will have to be fixed *anyway*, as
transitioning to IPv6 will break them as well.

If you merely meant "client operating systems", then I'm going back to 
"transparent"; please itemize how NAT at the edge of my edge network
negatively affects the operations of a client OS, absent the specific
broken protocols mentioned above.

Next argument?  :-)

-- jra
[1] I originally wrote "lawyer independence"; that's funny, but too far 
off-meaning to leave in.  :-)