Where NAT disenfranchises the end-user ...

Eric A. Hall ehall at ehsco.com
Mon Sep 10 18:05:30 UTC 2001


> From: "Scott Gifford" <sgifford at tir.com>

> I've actually seen the question of how NAT breaks the Internet more
> than a good stateful firewall come up more than once, and haven't
> really seen a satisfactory answer.  Where does a stateful firewall
> configured to only allow outgoing connections work that NAT doesn't?

Anywhere the IP address is a part of the protocol, and a proxy for that
protocol does not exist. Peer election protocols, replication protocols, etc.

--
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/





More information about the NANOG mailing list