
Joel Gallun wrote:
You can dismiss this problem by saying the apps are broken (which they are), but the simple fact is our customers want to use these apps.
I'd recommend DHCP. In communities where we've used it, it has worked fine and not caused any of the problems that NAT does.
You could assign static addresses for the customers that request it. You'd retain most of the benefits of NAT. NAT is really well worth it in _some_ cases. We cut a 30 site WAN/LAN from one internet provider to another in 5 minutes. One of my clients had another problem with NAT. Seems that Cisco's NAT implementation translates DNS addresses in the payload when it is a plain query, and doesn't when it is a zone transfer. Meant that we couldn't have secondaries on the outside of the NAT. Also, their NAT implementation was absent for the 3600 in 11.2.4 and 11.2.5 (despite all documentation to the contrary). In typical cisco fashion, they lent us a 4700, so I'm not in any hurry to get it fixed. -- Allan Chong allan@alum.mit.edu "When I die, I want to go peacefully like my Grandfather did---in his sleep. Not yelling and screaming --like the passengers in his car."