Security gain from NAT: Top 5

Jo Rhett jrhett at
Wed Jun 27 00:06:04 UTC 2007

On Jun 6, 2007, at 9:43 PM, Owen DeLong wrote:
>>   #1 NAT advantage: it protects consumers from vendor
>>   lock-in.
> Speaking of FUD...  NAT does nothing here that is not also  
> accomplished
> through the use of PI addressing

If you completely ignore the cost of routing table growth to give  
every company their own PI, sure.

>>   #2  NAT advantage: it protects consumers from add-on
>>   fees for addresses space.
> More FUD.  The correct solution to this problem is to make it possible
> for end users to get reasonable addresses directly from RIRs for
> reasonable fees.

Reasonable is a hard word.  We've had to turn away customers who  
wanted to assign a /27 to each and every machine, without actual  
justification for more than 3 IPs per machine.  Sometimes people want  
to do insane things that aren't technically reasonable, but it's what  
they want to do.  NAT gives them that option.

Jo Rhett
senior geek

Silicon Valley Colocation
Support Phone: 408-400-0550

More information about the NANOG mailing list