North American Network Operators Group

Breaking Stuff by Fixing NAT

  • From: Crist J. Clark
  • Date: Mon Nov 11 19:06:26 2002

We have some dial-up-like customers behind a device doing the dreaded
Network Address Translation (NAT). We are doing one-to-one
NAT. Customers get PPP connections with 10/8 addresses. The NAT is
done far downstream from our end of the point-to-point connection at
the border with our ISP. Do not ask me why it was done that way. The
network engineers want to discontinue doing NAT. From our point of
view, NAT doesn't provide any benefits (it did take a while to get it
to sink in that it provides no security, and we do need to add some
BGP complexity since before packets could get NATed at any egress
point and find their way back). NAT only created continuous
headaches.

But there are still management reservations; the only reservation we
do not have a good answer for is the (arbitrary) claim that turning
off NAT may break stuff for customers who depend on it. Now we have
customers that do some pretty messed up stuff, and everybody knows
about various commercial apps that do really, really messed up stuff,
but none of us can think of anything that turning NAT off will
break. But perhaps all of our minds are just too cluttered with all of
the weird stuff that turning off NAT will allow to _work._

Has anyone here been in a similar situation? Did turning off NAT break
anything? Is anyone aware of or can think of anything that turning off
NAT might break? (Ignore the fact any customers connected during the
actual change may have service interrupted. I am only worried about
something that doesn't work next time they dial up after the change.)

Thanks.
-- 
Crist J. Clark                     |     [email protected]
                                   |     [email protected]
http://people.freebsd.org/~cjc/    |     [email protected]