Where NAT disenfranchises the end-user ...

Richard Welty rwelty at averillpark.net
Mon Sep 10 18:18:46 UTC 2001


On Mon, 10 Sep 2001 14:06:14 -0400 RJ Atkinson <rja at inet.org> wrote:

> 
> At 13:47 10/09/01, Richard Welty wrote:
> >in the case of IPSec, the IP addresses need to be preserved end-to-end
> >as part of the whole security scheme.
> 
> True, but ONLY because the Internet Architecture lacks an alternative
> namespace that could identify the box associated with a given network
> interface. (The IP address is used in this context to identify the network
> interface associated with the Security Association).  So that's all true
> today, but is driven by a shortcoming in the Internet Architecture.

perhaps, but this doesn't invalidate either his question or my answer
to it. this whole discussion is really pointless due to the fact that
right this minute, reality sucks, and cannot be instantly fixed by a
stupid flame war.

richard
--
Richard Welty                                    Averill Park Networking
rwelty at averillpark.net                                      518-573-7592




More information about the NANOG mailing list