
On Fri, Sep 07, 2001 at 05:09:43PM -0400, Andy Dills wrote:
> One is content, the other a content-delivery mechanism. Think about the post office. It's perfectly acceptable for them to stamp a forwarded address on the envelope to ensure its delivery, but perfectly unacceptable to modify the content inside.

But NAT goes further. Consider if the post office opened up your letter, looked at the return address on it, saw that was wrong and stuck the new one on it, put it back in the envelope and then sent it on its way. That's exactly what NAT does with some protocols.

I have no problem with people using NAT, and I have used it myself. Specifically, I don't mind the {IP,port} translation basic NAT does. Yes, it breaks some protocols, but as long as that's known it's ok. I have a big problem with the data modification of more recent NAT implementations.

It does have some interesting implications as to who can modify data as well. If a device in the middle has license to modify data in the middle of a data stream, what are the limits of that license? If my service provider uses NAT without my consent can I sue them for reading/changing my data? If not, why would I be able to sue them if they do the same thing to e-mail? What is the difference?

--
Leo Bicknell - bicknell@ufp.org
Systems Engineer - Internetworking Engineer - CCIE 3440
Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org