10 Sep
2001
10 Sep
'01
2:05 p.m.
From: "Scott Gifford" <sgifford@tir.com>
I've actually seen the question of how NAT breaks the Internet more than a good stateful firewall come up more than once, and haven't really seen a satisfactory answer. Where does a stateful firewall configured to only allow outgoing connections work that NAT doesn't?
Anywhere the IP address is a part of the protocol, and a proxy for that protocol does not exist. Peer election protocols, replication protocols, etc. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/