On Wednesday, June 18, 2003, at 12:59 PM, Hallam-Baker, Phillip wrote:
Not at all.
If you want to address denial of service issues you need protocol enforcement points.
This sounds like you are equating a NAT box with a firewall, which seems to be common.
I would like to know:
- Is a NAT box a protocol enforcement point?
- is it an EFFECTIVE protocol enforcement point?
- is a NAT a firewall? (many people seem to think it is ...)
- is a firewall a protocol enforcement point? (yes)
- does a protocol enforcement point, have to include a NAT?
- does an EFFECTIVE one have to include a NAT?
- is it even EASIER to enforce protocol issues with a NAT as opposed to other means?
simon
I really wish that the IETF had designed a decent NAT box spec
that's an oxymoron. the basic premis of NAT is fundamnetally broken.
-- www.simonwoodside.com -- 99% Devil, 1% Angel
