The End-To-End Internet (was Re: Blocking MX query)

William Herrin bill at
Tue Sep 4 19:45:32 UTC 2012

On Tue, Sep 4, 2012 at 2:22 PM, Jay Ashworth <jra at> wrote:
> It is regularly alleged, on this mailing list, that NAT is bad *because it
> violates the end-to-end principle of the Internet*, where each host is a
> full-fledged host, able to connect to any other host to perform transactions.

That's what firewalls *are for* Jay. They intentionally break
end-to-end for communications classified by the network owner as
undesirable. Whether a particular firewall employs NAT or not is
largely beside the point here. Either way, the firewall is *supposed*
to break some of the end to end communication paths.

Bill Herrin

William D. Herrin ................ herrin at  bill at
3005 Crane Dr. ...................... Web: <>
Falls Church, VA 22042-3004

More information about the NANOG mailing list