NAT evil scourge?

Kenneth Burgener kenneth at
Tue Oct 16 15:01:36 MDT 2007

Corey Edwards wrote:
> On Tue, 2007-10-16 at 10:49 -0500, Andrew McNabb wrote:
>> On Tue, Oct 16, 2007 at 08:58:59AM -0600, Michael L Torrie wrote:
>>> If I was designing the BYU network, I would have made public address
>>> translate to private addresses, and split the DNS.  That way the world
>>> would see servers on the 128.187. addresses, but the same servers from
>>> within the byu network would see the 10.x addresses.  That makes routing
>>> a lot more sane.
>> That's the way we did it in the CS Department, and although it works
>> pretty well, it's still a headache.
>> If I were designing the BYU network, I would give everything 128.187
>> addresses, and I would use a novel tool called a firewall to limit
>> outside access to private machines.  I guess that makes me a heretic.
> Heretic, maybe, but it also makes you sane. NAT is an evil scourge upon
> our Internet and I long for the day it is eradicated.
> Corey

Out of curiosity why do you claim NAT is an evil scourge?

The only downside I could see for NAT is slightly more configuration for
the network administrator (and possible port mapping exhaustion on a
large network).

The benefits of NAT all seem to be benefits:
-Provides a basic firewall mechanism by it's very nature
-Reduce the number of needed public IP addresses
-Easy to setup by most home users, as it is now build into all DSL/Cable
 modem routers

I haven't found many articles for or against NAT, but I may be looking
in the wrong place.  One article I found said NAT is not so bad: "Why
NAT Isn’t As Bad As You Thought" [1].

The one claim I have found is it breaks the direct peer to peer
connection.  I think to geeks and corporations this may be a concern,
but to the average home owner I think not having joe hacker have direct
access to my grandmothers computer outweighs this concern.

What are your concerns?



More information about the PLUG mailing list