nanog mailing list archives
RE: Where NAT disenfranchises the end-user ...
From: Roeland Meyer <rmeyer () mhsc com>
Date: Fri, 7 Sep 2001 11:58:08 -0700
|> From: Jim Shankland [mailto:nanog () shankland org] |> Sent: Friday, September 07, 2001 11:33 AM |> "Mike Batchelor" <mikebat () tmcs net> writes: |> |> > Oh yes, the firewall. That convenient device that network software |> > developers can assume will always pass port 80 and 443 traffic. So |> > everything uses port 80 and 443 in the future Internet, |> and we're all the |> > better for it. |> |> Um, sure, but what are you arguing? That firewalls are useless and |> should all go away? (Good luck.) That firewalls don't |> really exist :-)? Actually, for the ports that they have proxyd for, they don't. It's called "transparency", one of those fundimentaly concepts. The ports that they block, are supposed to be blocked, by design and not by accident. Firewalls are deterministic, NAT boundaries aren't. |> Maybe it would be useful to design a base protocol that would |> provide a standardized method for things like passing an <address, |> port> tuple, or registering a desire to receive packets on a |> particular UDP port -- the kind of things that gamers, e.g., |> want, and |> that are tricky to make work through a NAT. Games, etc., could be |> written on top of this base protocol, and NATs and firewalls could |> be made to be aware of that protocol. Just a thought; any |> merit to it? You've just described a NAT proxy daemon. I've spent years trying to write one. If you are that good, send code. Or better yet, send it to www.sourceforge.org. The fundimental reason that you can't write one is that it requires a whole other protocol that 1) deosn't exist, 2)Isn't implemented, 3)Violates more than one of Dykstra's laws.
Current thread:
- Re: Where NAT disenfranchises the end-user ..., (continued)
- Re: Where NAT disenfranchises the end-user ... Alex Bligh (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Jared Mauch (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Bob K (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Jared Mauch (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Daniel Senie (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Brian Whalen (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Randy Bush (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Scott Gifford (Sep 10)
- Re: Where NAT disenfranchises the end-user ... Adam McKenna (Sep 09)
- Re: Where NAT disenfranchises the end-user ... Marc Slemko (Sep 09)
- RE: Where NAT disenfranchises the end-user ... Mike Batchelor (Sep 10)
- Re: Where NAT disenfranchises the end-user ... Joel Baker (Sep 10)
- Re: Where NAT disenfranchises the end-user ... Valdis . Kletnieks (Sep 09)
- RE: Where NAT disenfranchises the end-user ... Andy Dills (Sep 10)