Where NAT disenfranchises the end-user ...
Eric A. Hall
ehall at ehsco.com
Mon Sep 10 18:05:30 UTC 2001
> From: "Scott Gifford" <sgifford at tir.com>
> I've actually seen the question of how NAT breaks the Internet more
> than a good stateful firewall come up more than once, and haven't
> really seen a satisfactory answer. Where does a stateful firewall
> configured to only allow outgoing connections work that NAT doesn't?
Anywhere the IP address is a part of the protocol, and a proxy for that
protocol does not exist. Peer election protocols, replication protocols, etc.
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
More information about the NANOG
mailing list