Common operational misconceptions

Owen DeLong owen at delong.com
Fri Feb 17 04:48:04 UTC 2012


On Feb 16, 2012, at 5:11 PM, Masataka Ohta wrote:

> Andreas Echavez wrote:
> 
>> *Why disabling ICMP doesn't increase security and only hurts the web* *(path
>> MTU discovery, diagnostics)
> 
> That PMTUD works is a misconception.
> 

It actually works where people have not made active efforts to break it.

>> *How NAT breaks end-to-end connectivity (fun one..., took me
>> hours to explain to an old boss why doing NAT at the ISP level
>> was horrendously wrong)
> 
> That's another misconception.
> 
> While NAT breaks the end to end connectivity, it can be
> restored by end systems by reversing translations by NAT,
> if proper information on the translations is obtained
> through some protocol such as UPnP.
> 

Sigh... NAT is a horrible hack that served us all too well in address conservation. Beyond that, it is merely a source of pain.

Owen




