Corey Edwards wrote: > On Tue, 2007-10-16 at 10:49 -0500, Andrew McNabb wrote: >> On Tue, Oct 16, 2007 at 08:58:59AM -0600, Michael L Torrie wrote: >>> If I was designing the BYU network, I would have made public address >>> translate to private addresses, and split the DNS. That way the world >>> would see servers on the 128.187. addresses, but the same servers from >>> within the byu network would see the 10.x addresses. That makes routing >>> a lot more sane. >>> >> That's the way we did it in the CS Department, and although it works >> pretty well, it's still a headache. >> >> If I were designing the BYU network, I would give everything 128.187 >> addresses, and I would use a novel tool called a firewall to limit >> outside access to private machines. I guess that makes me a heretic. > > Heretic, maybe, but it also makes you sane. NAT is an evil scourge upon > our Internet and I long for the day it is eradicated. > > Corey
Out of curiosity why do you claim NAT is an evil scourge? The only downside I could see for NAT is slightly more configuration for the network administrator (and possible port mapping exhaustion on a large network). The benefits of NAT all seem to be benefits: -Provides a basic firewall mechanism by it's very nature -Reduce the number of needed public IP addresses -Easy to setup by most home users, as it is now build into all DSL/Cable modem routers I haven't found many articles for or against NAT, but I may be looking in the wrong place. One article I found said NAT is not so bad: "Why NAT Isn’t As Bad As You Thought" [1]. The one claim I have found is it breaks the direct peer to peer connection. I think to geeks and corporations this may be a concern, but to the average home owner I think not having joe hacker have direct access to my grandmothers computer outweighs this concern. What are your concerns? Kenneth [1]http://www.circleid.com/posts/why_nat_isnt_as_bad_as_you_thought/ /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
