Re: Number of Firewall/NAT Users

[Valdis . Kletnieks]

On Mon, 22 Jan 2001 23:53:30 +0100, Sean Doran said:
> Nobody really constrains protocols from carrying a local IP address
> around any more than anyone constrains from putting local addresses
> into a text message.   It's just that communicating by naively replying
> to such an embedded address is unlikely to work.

Actually, NAT *does* constrain protocols from carrying around a local
IP address if it's emitted out into the world.  Remember that if it's
a LOCAL address, it's used *only* behind the NAT, and nobody cares about
that case.

The problem with NAT is the same problem as people who put locally usable
addresses in their .signature files - the NAT *doesnt* fix those up when
it becomes a non-local address BY VIRTUE OF PASSING THROUGH THE NAT.
-- 
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

PGP signature