quietly....

Mark Andrews marka at isc.org
Thu Feb 3 05:08:15 UTC 2011


In message <10058800.4297.1296708348990.JavaMail.root at benjamin.baylink.com>, Jay Ashworth writes:
> ----- Original Message -----
> > From: "Blake Dunlap" <ikiris at gmail.com>
> 
> > On Wed, Feb 2, 2011 at 22:34, Jay Ashworth <jra at baylink.com> wrote:
> > 
> > > I won't run an edge-network that *isn't* NATted; my internal machines
> > > have no business having publicly routable addresses. No one has *ever*
> > > provided me with a serviceable explanation as to why that's an
> > > invalid view.
> 
> > Quite simply, it's called Tragedy of the Commons. Everyone else has to
> > work harder to provide you services if you are using something which breaks
> > end to end connectivity, which costs everyone else money. The protocol
> > designers are making a stand against this for the good of the "commons".
> 
> You'll have to document "everyone has to work harder to provide me services";
> this is not my first rodeo, and TTBOMK, it's *transparent* to the other end
> of any connection out of my edge network that it's NATted at my end.
> 
> As for incoming connections, it's transparent to them as well -- and which 
> ones are valid targets for such connections *is a policy decision of
> mine*, not subject to external opinion.
> 
> Could you clarify, in some detail, precisely how you get to TotC, Blake?
> 
> Cheers,
> -- jra

You are going to want your clients to work well with your NAT.
Your vendor is going to have to spend money to do this.  The cost
of doing this will be passed onto everyone else that buys this
client as a direct monetary cost and/or extra complexity in the
product.  The latter also increases the cost in maintaining the
product.  It also stops the vendor developing other products as it
takes additional resources to do this work.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



