
Re: NAT makes a network a host -- must every process have an IP address?

From: Keith Moore <moore@cs.utk.edu>
Date: Thu, 05 Dec 2002 19:18:55 -0500
Message-Id: <200212060018.gB60Itj28860@astro.cs.utk.edu>
To: Edward Lewis <edlewis@arin.net>
cc: discuss@apps.ietf.org

> I'm not convinced that NATs 'hinder' the deployment of new
> applications, in the sense that 'hinder' means 'prevents,' or 'stops
> cold.'  The presence of NAT does call for a more sophisticated
> protocol (okay, complicated), I'll grant you that.  (I should add
> that I may be naive here.)

Try writing a distributed application which works over NATs and
which doesn't need either a central server, or one or more proxies 
outside the NATs, and which doesn't need to implement its own 
addressing and routing.

With enough work and enough proxies you can tunnel IP over NATs 
(or IPv6 as in Teredo) using a separate address space and then you 
can run real applications again.  So it's obviously possible.   
Whether it's feasible to deploy apps that need this kind of 
infrastructure is a different question.

For a specific example, try designing a DNS-like system that works
over NATs and allows its clients and servers to reside anywhere 
in the network (e.g. it doesn't constrain the servers to reside in
a global network outside NATs).   You'll find that you need proxies
to sit on the outside of those NATs to allow them to access servers
inside the NATs.  Even if you have those proxies, you still have the
problem that the DNS system has no idea from where the queries are
being made and no idea about how addresses are translated from within
that addressing realm.

> So, I'm convinced that NAT hinders extension of existing (pre-NAT)
> applications.

Respectfully, I think you're being naive here.

Keith
Received on Thursday, 5 December 2002 19:24:09 EST
