[41353] in North American Network Operators' Group


Re: Where NAT disenfranchises the end-user ...

daemon@ATHENA.MIT.EDU (Eric A. Hall)
Fri Sep 7 00:49:27 2001

Message-ID: <001701c13758$69cc2200$0a0aa8c0@labs.ntrg.com>
From: "Eric A. Hall" <ehall@ehsco.com>
To: "Charles Sprickman" <spork@inch.com>,
	"Roeland Meyer" <rmeyer@mhsc.com>
Cc: "NANOG (E-mail)" <nanog@merit.edu>
Date: Thu, 6 Sep 2001 23:49:00 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu



> "Charles Sprickman" <spork@inch.com>

> NAT has its place, and we have many happy customers that are quite
> pleased with their NAT'd connections; some simple, some fancy.

NATs are a band-aid.

> What irks me more than NAT are crappy protocols like FTP and H.323 that
> make too many assumptions about how much of my machine I am willing to
> expose in order to communicate using these protocols.

FTP was designed for ARPANET, H.323 was designed to work over ANY packet
network. Neither of them were designed for TCP/IP in particular.

They don't break the end-to-end design principles though. Neither do network
games, chat tools, and other peer-to-peer protocols that run in elected-server
or server-to-server modes.

The fact is that I can write an Internet-compliant application in about two
minutes that will break every NAT ever sold, simply because they don't have a
proxy for the protocol. NATs violate fundamental Internet principles. They
were broken from the start.



