[41369] in North American Network Operators' Group
RE: Where NAT disenfranchises the end-user ...
daemon@ATHENA.MIT.EDU (Charles Sprickman)
Fri Sep 7 11:52:05 2001
Date: Fri, 7 Sep 2001 11:51:33 -0400 (EDT)
From: Charles Sprickman <spork@inch.com>
To: Roeland Meyer <rmeyer@mhsc.com>
Cc: "NANOG (E-mail)" <nanog@merit.edu>
In-Reply-To: <EA9368A5B1010140ADBF534E4D32C728069E7D@condor.mhsc.com>
Message-ID: <Pine.BSF.4.33.0109071149460.4876-100000@shell.inch.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 6 Sep 2001, Roeland Meyer wrote:
> |> True... neither does a well-firewalled LAN.
>
> There is a substantial difference between broken access and controlled
> access.
Yes, but there are plenty of apps that will not work if you do not leave
open large, arbitrary ranges of udp ports. This is fundamentally
incompatible with most sane firewalls. Or NAT.
Why write a protocol that way? Just to prove NAT sucks?
Charles
