North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Where NAT disenfranchises the end-user ...
Also sprach Roeland Meyer >|> which of course *is* possible for at least one machine per visible >|> IP address - even if additional IPs are masqed behind it. >if you are doing one:one NAT then why do NAT at all? if you are doing >one:many then it won't work (broken). Even with one:many NAT you can pretty much get the same effect. You set up a default private IP address behind the NAT that any srcIP,dstIP,srcPort,dstPort combo that doesn't already have a mapping in the NAT box goes to. There's the possibilities of collisions here, but the chances are fairly low. Now, before anyone calls me a NAT apologist...I'm anything but that. There's no way on earth that I'd call this true Internet access, even for the default machine behind the NAT. Nor would I configure something like this as an ISP, disclosed or not (just ask Cincinnati Bell what I think of their Zoomtown Network setup and you'll find out how I feel about NAT! ;), but I do see that there are places - few, but they're there - for NAT. -- Jeff McAdams Email: [email protected] Head Network Administrator Voice: (502) 966-3848 IgLou Internet Services (800) 436-4456