Thus wrote Keith Moore ([email protected]):
> On Oct 30, 2010, at 3:29 AM, S.P.Zeidler wrote:
>
> > reasons. The result is that NAT+firewall rules does not give any less
> > connectivity than the firewall rules alone.
>
> For your firewall, and for your policies, today.
Change happens. With a bit of luck, when I get to the point where
NAT goes from a crutch that doesn't get in the way much to a problem,
better alternatives to what I try to solve with the NAT will be available.
At present, better cost-effective alternatives are not available.
If my employer wants a new app enough, and there aren't better cheap
solutions yet, we can deploy the available solution, namely running
our own AS.
I'm looking at the current situation being the case for the next 4-5 years
if the better solution is something hosts need to do, and falls off the sky
tomorrow. Getting solutions that only need firewalls and routers to
change can happen much faster, once they become available, especially if
they only need a software upgrade.
regards,
spz
--
[email protected] (S.P.Zeidler)
_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
