Problems with removing NAT from a network

Jack Bates jbates at brightok.net
Fri Jan 7 08:32:17 CST 2011


On 1/7/2011 4:44 AM, Dobbins, Roland wrote:
> Yes, it has.  There're lots of issues with embedding IP addresses
> directly into apps and so forth which have nothing to do with NAT.

Embedding into apps isn't the same as embedding into protocol packets. 
While NAT and stateful firewalls do tend to break with embedded 
addresses that they don't know to check for, it's still not a bad idea.
I was fixing to complain that the IPv6 designers didn't take the chance 
to add the embedding to the Packet headers, when it occurs to me, they 
made the headers nice and extensible.

It also baffles me as to why applications such as skype dealing with 
NAT64 can't use the compatibility addressing to start communicating with 
v4 hosts from a v6 only NIC. I thought this was already a fixed problem 
not requiring DNS to deal with. It's not like NAT46 (anyone actually 
publish such a hideous protocol?), which requires really messy state 
tables bidirectionally for everything and DNS rewrites.

Jack




More information about the NANOG mailing list