On the subject of NAT...

We are not talking about an individual customer premise using single
instances of applications behind his own NAT firewall that he has control
of.  We are talking about putting hundreds, thousands or more customers
behind a single NAT that the end user cannot configure.  

Many of the applications we are discussing require PAT translation to
operate.  There is NO way to set up PAT to know which of a dozen internal
hosts to direct an externally initiated application to without requiring
some fancy port mapping at both ends.  

When you are on your own home router you can configure your PAT to send
incoming traffic for your IM to workstation A, and to send incoming traffic
for your Xbox gaming server to your one Xbox.  If you put a hundred clients
behind an ISP-provided NAT you need some mechanism for the many external
Xbox users to initiate connections to the proper internal Xboxes hosting the
game they want to join.  Simple NAT or PAT cannot accomplish that.

If you want a simple test of how this will work, try to set up Remote
Desktop to two or more workstations in your home network using the same
external IP address and port to connect to each of them from outside your
NAT.  Tell me how that works for you.  
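
The Remote Desktop test described above, as an added example that is not part of the original post: a toy Python model of a shared PAT device showing that outbound flows coexist while a given external port can forward unsolicited inbound traffic to only one inside host. The class and method names are hypothetical, and the addresses and ports are constructed sample values.

```python
"""Toy model of a shared PAT device; all addresses and ports are constructed."""
import itertools

class PortConflict(Exception):
    """Raised when an external port already forwards to another inside host."""

class PatGateway:
    def __init__(self, external_ip):
        self.external_ip = external_ip
        self.forwards = {}   # (proto, ext_port) -> (inside_ip, inside_port), static
        self.sessions = {}   # (proto, ext_port) -> (inside_ip, inside_port), dynamic
        self._ephemeral = itertools.count(40000)

    def outbound(self, proto, inside_ip, inside_port):
        """Inside host opens a flow: PAT picks a unique external port for it."""
        ext_port = next(self._ephemeral)
        self.sessions[(proto, ext_port)] = (inside_ip, inside_port)
        return ext_port

    def add_forward(self, proto, ext_port, inside_ip, inside_port):
        """Static mapping for unsolicited inbound traffic; one owner per port."""
        key = (proto, ext_port)
        owner = self.forwards.get(key)
        if owner is not None and owner != (inside_ip, inside_port):
            raise PortConflict(f"{proto}/{ext_port} already forwards to {owner[0]}")
        self.forwards[key] = (inside_ip, inside_port)

    def inbound(self, proto, ext_port):
        """Where does a packet arriving at external_ip:ext_port go? None = dropped."""
        key = (proto, ext_port)
        return self.sessions.get(key) or self.forwards.get(key)

def demo():
    gw = PatGateway("203.0.113.10")
    # Outbound flows from two hosts coexist: each gets its own external port.
    p1 = gw.outbound("tcp", "10.0.0.11", 51000)
    p2 = gw.outbound("tcp", "10.0.0.12", 51000)
    # Two workstations both want inbound Remote Desktop on the same port.
    gw.add_forward("tcp", 3389, "10.0.0.11", 3389)
    try:
        gw.add_forward("tcp", 3389, "10.0.0.12", 3389)
        conflict = False
    except PortConflict:
        conflict = True
    # The second host needs a different external port that clients must be told.
    gw.add_forward("tcp", 3390, "10.0.0.12", 3389)
    return p1, p2, conflict, gw.inbound("tcp", 3389), gw.inbound("tcp", 3390)

if __name__ == "__main__":
    print(demo())
```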
