[arin-ppml] Set aside round deux

Roger Marquis marquis at roble.com
Wed Aug 4 01:21:16 EDT 2010


Ted Mittelstaedt wrote:
> Roger, I cut my teeth using debug to format and compsurf to brand ESDI
> drives.  I deployed NAT in production when the ONLY way you could do it
> was apply a massive patch to the FreeBSD 2.x kernel.  This was long
> before Cisco released 11.2 IOS which was the first "commercial router"
> that supported NAT - and only on certain platforms (i.e., 2500, not 1000)
> and long before Linksys was anything more than a misspelling of a
> children's toy set.  And, I daresay, long before YOU knew anything about
> what NAT is.  So I'm intimately familiar with NAT and how it's used.

Most of us old-timers were using application gateways long before FreeBSD
2, even before SunOS 4.  NCSA, FWTK, bind 4, sendmail...  But I digress,
and would just point out that your history is not relevant to the
discussion.  It is another tangent in place of a technical case.

  * If you can explain how multihoming will work without NAT and without
  internal renumbering then please do.  If you think internal renumbering
  is feasible please explain how to maintain persistent connections across
  a renumbering?

  * How would you do transparent load-balancing and fail-over, ingress
  or egress, without NAT?

  * Also, since nobody has yet made a good business case for GUA (other
  than upstream lock-in), please explain how consumers' privacy and vendor
  independence would be preserved in the GUA world you're advocating.

  * How would you deal with routing table growth in the absence of NAT?

  * And most importantly, please explain what NAT breaks that stateful
  inspection has not already "fixed-up"?

These are all questions a project manager would need BEFORE proclaiming a
project to be feasible.

> NAT's days are numbered and no matter how many benefits you think it
> brings, one way or another it's going to be gone.

Again, lots of assertions, few technical details.  Seems to be the MO of
NAT-o-phobes.

OTOH we have people with far more experience than Ted and I put together,
people like John Levine, whose residential nodes have worked behind LSN
for months without even knowing it.  The majority of neteng departments
at small and large shops alike, places like Sun/Oracle, IBM, Yahoo,
Google, also use NAT everywhere and don't seem to have Ted's issues.

Personally, I prefer facts over opinion, particularly David Farmer's take
on the issue:
  > I think telling other people how to run their network is much more ugly
  > thing than NAT.  And how much ever I dislike NAT, it has been an
  > effective way to run a network for a lot of people.  How effective have
  > you been in telling other people how to run (or not run) their network?

Roger Marquis


