packet mangling and routing

Corey Edwards tensai at zmonkey.org
Tue Oct 16 09:59:07 MDT 2007


On Tue, 2007-10-16 at 10:49 -0500, Andrew McNabb wrote:
> On Tue, Oct 16, 2007 at 08:58:59AM -0600, Michael L Torrie wrote:
> > 
> > If I was designing the BYU network, I would have made public address
> > translate to private addresses, and split the DNS.  That way the world
> > would see servers on the 128.187. addresses, but the same servers from
> > within the byu network would see the 10.x addresses.  That makes routing
> > a lot more sane.
> > 
> 
> That's the way we did it in the CS Department, and although it works
> pretty well, it's still a headache.
> 
> If I were designing the BYU network, I would give everything 128.187
> addresses, and I would use a novel tool called a firewall to limit
> outside access to private machines.  I guess that makes me a heretic.

Heretic, maybe, but it also makes you sane. NAT is an evil scourge upon
our Internet and I long for the day it is eradicated.

Corey





More information about the PLUG mailing list