[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
On Feb 2, 2011, at 8:45 PM, Jay Ashworth wrote:
> ----- Original Message -----
>> From: "Blake Dunlap" <ikiris at gmail.com>
>> On Wed, Feb 2, 2011 at 22:34, Jay Ashworth <jra at baylink.com> wrote:
>>> I won't run an edge-network that *isn't* NATted; my internal machines
>>> have no business having publicly routable addresses. No one has *ever*
>>> provided me with a serviceable explanation as to why that's an
>>> invalid view.
>> Quite simply, its called Tragedy of the Commons. Everyone else has to
>> work harder to provide you services if you are using something which breaks
>> end to end connectivity, which costs everyone else money. The protocol
>> designers are making a stand against this for the good of the "commons".
> You'll have to document "everyone has to work harder to provide me services";
> this is not my first rodeo, and TTBOMK, it's *transparent* to the other end
> of any connection out of my edge network that it's NATted at my end.
It's not transparent to:
Home Gateway Developers
Consumer Electronics Developers
Technical Support departments
My users who are trying to talk to your users using applications that
are designed to work in a NAT-free world.
My technical support department that gets the "we can't reach them"
calls from my users who can't reach your users.
It may not be your first trip to the rodeo, but, you do appear to have a rather
limited perspective on the far reaching detriments of NAT.
> As for incoming connections, it's transparent to them as well -- and which
> ones are valid targets for such connections *is a policy decision of
> mine*, not subject to external opinion.
Stateful inspection gives you all the same protection for that policy as NAT
without breaking the end-to-end model.
Nobody is trying to take away your policy rights.
> Could you clarify, in some detail, precisely how you get to TotC, Blake?
I think the list of afflicted groups above covers it pretty well.