North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Security gain from NAT
Donald Stahl wrote: > Keep it simple. NAT is a terrible terrible hack- and it's sad that it's > become so accepted in the maintsream. Probably mostly because it WORKS for people, it doesn't require you to be a network specialist. Someone just purchases a NAT gateway to connect to their ADSL/cable connection where they have one dynamic IP allocated by their ISP. They get automatic DHCP by the internal ports on the router and all is set, they can connect many computers to the network. They don't have to understand PAT, NAT or policies. This is certainly part of the problem too, that users don't know a lot about their underlying connectivity and why things work the way it does; but that is another discussion. To get rid of NAT and the advantages it has someone would've needed to design stuff differently to begin with. Allocate larger blocks of IPs to customers with more than one computer at home, or default allocate more. Imagine the bureaucracy around that? -- /ahnberg.