Problems with removing NAT from a network
jbates at brightok.net
Fri Jan 7 08:32:17 CST 2011
On 1/7/2011 4:44 AM, Dobbins, Roland wrote:
> Yes, it has. There're lots of issues with embedding IP addresses
> directly into apps and so forth which have nothing to do with NAT.
Embedding into apps isn't the same as embedding into protocol packets.
While NAT and stateful firewalls do tend to break with embedded
addresses that they don't know to check for, it's still not a bad idea.
I was fixing to complain that the IPv6 designers didn't take the chance
to add the embedding to the Packet headers, when it occurs to me, they
made the headers nice and extensible.
It also baffles me as to why applications such as skype dealing with
NAT64 can't use the compatibility addressing to start communicating with
v4 hosts from a v6 only NIC. I thought this was already a fixed problem
not requiring DNS to deal with. It's not like NAT46 (anyone actually
publish such a hideous protocol?), which requires really messy state
tables bidirectionally for everything and DNS rewrites.
More information about the NANOG