nanog mailing list archives
Re: Common operational misconceptions
From: Owen DeLong <owen () delong com>
Date: Sun, 19 Feb 2012 16:24:49 -0800
On Feb 18, 2012, at 3:31 AM, Masataka Ohta wrote:
David Barak wrote:From: Owen DeLong owen () delong comSigh... NAT is a horrible hack that served us all too well in address conservation. Beyond that, it is merely a source of pain.I understand why you say that - NAT did yeoman's work in address conservation. However, it also enabled (yes, really) lots of topologies and approaches which are *not* designed upon the end-to-end model. Some of these approaches have found their way into business proceses.I'm afraid both of you don't try to understand why NAT was harmful to destroy the end to end transparency nor the end to end argument presented in the original paper by Saltezer et. al: The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the end points of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible. While plain NAT, which actively hide itself from end systems, which means there can be no "knowledge and help of the application" expected, is very harmful to the end to end transparency, it is possible to entirely neutralize the harmful effects, by let NAT boxes ask help end systems.An argument you and others have made many times boils down to "but if we never had NAT, think how much better it would be!"The reality is much better that NAT is not so harmful if NAT clients and gateways are designed properly to be able to reverse the harmful translations by NAT gateways. I have running code to make the reverse translations, with which protocols such as ftp with PORT commands are working. Masataka Ohta
No, I think you do not understand... I have a NAT gateway with a single public address. I have 15 FTP servers and 22 web servers behind it. I want people to be able to go to ftp://<hostname> and/or http://<hostname> for each of them. Please explain to me how your code solves this problem? Yeah, thought so. Owen
Current thread:
- Re: Common operational misconceptions, (continued)
- Re: Common operational misconceptions Masataka Ohta (Feb 20)
- Re: Common operational misconceptions Steven Bellovin (Feb 20)
- Re: Common operational misconceptions Masataka Ohta (Feb 20)
- RE: Common operational misconceptions George Bonser (Feb 20)
- Re: Common operational misconceptions Masataka Ohta (Feb 20)
- RE: Common operational misconceptions George Bonser (Feb 20)
- Re: Common operational misconceptions Masataka Ohta (Feb 20)
- Re: Common operational misconceptions David Barak (Feb 17)
- Re: Common operational misconceptions Owen DeLong (Feb 17)
- Re: Common operational misconceptions Masataka Ohta (Feb 18)
- Re: Common operational misconceptions Owen DeLong (Feb 19)
- Re: Common operational misconceptions Joe Greco (Feb 19)
- Re: Common operational misconceptions Mark Andrews (Feb 19)
- Re: Common operational misconceptions Owen DeLong (Feb 20)
- Re: Common operational misconceptions Jimmy Hess (Feb 19)
- Re: Common operational misconceptions Karl Auer (Feb 19)
- Re: Common operational misconceptions Masataka Ohta (Feb 19)
- Re: Common operational misconceptions Andrew Jones (Feb 19)
- Re: Common operational misconceptions Jimmy Hess (Feb 19)
- Re: Common operational misconceptions Valdis . Kletnieks (Feb 20)