On Fri, Sep 07, 2001 at 10:55:49AM -0700, Mike Batchelor wrote:
NAT rewrites certain packet data fields (src addr, src port, sometimes mac addr). So does an ordinary router (ttl decrement). One breaks end2end, the other does not. What is the difference?
NAT rewrites more than that, try reading http://www.cisco.com/warp/public/cc/pd/iosw/ioft/ionetn/prodlit/11 95_pp.htm
In particular, it rewrites addresses _in the data portion of the packet_ for the following protocols:
ICMP, FTP, NetBIOS, RealAudio, CuSeeMe, DNS, Netmeeting, H.323, PPTP and several others.
That's what makes it violate the end2end principle, your _data_ is changed by NAT.
Well of course, that was my point. Where do you draw the line? The packet as received is not identical to the packet as it was sent, even when NAT is not involved. Along the way, various things get modified, the packet is encapsulated, unwrapped, re-encapsulated, TTLs get decremented, ... all things that are necessary and part of the process of getting the packet to its destination. NAT just has more necessary things to change. I'm not defending NAT, I dislike it as much as the next clueholder, I am just taking the devil's advocate position for the sake of discussion.
-- Leo Bicknell - bicknell@ufp.org Systems Engineer - Internetworking Engineer - CCIE 3440 Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
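An added illustration, not part of the original thread: a router hop that only decrements the TTL is compared with a NAT hop that also rewrites the address carried inside an FTP `PORT` command, using an end-to-end HMAC over the payload as the test for "was my data changed". The packet model, key, addresses and function names are all constructed for this example.

```python
import hashlib, hmac, re
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:              # toy model: a few header fields plus the data portion
    src: str
    sport: int
    ttl: int
    payload: bytes

KEY = b"constructed-shared-key"   # assumption: known only to the two endpoints

def e2e_tag(payload: bytes) -> bytes:
    """Integrity tag an endpoint computes over the data portion only."""
    return hmac.new(KEY, payload, hashlib.sha256).digest()

def route(pkt: Packet) -> Packet:
    """Ordinary router hop: a header field (TTL) changes, the data does not."""
    return replace(pkt, ttl=pkt.ttl - 1)

PORT_RE = re.compile(rb"PORT \d+,\d+,\d+,\d+,\d+,\d+\r\n")

def nat_with_ftp_alg(pkt, public_ip, ctrl_port, data_port):
    """NAT hop: rewrites src addr/port AND the address embedded in FTP PORT."""
    ip = public_ip.replace(".", ",").encode()
    new_cmd = b"PORT %s,%d,%d\r\n" % (ip, data_port >> 8, data_port & 0xFF)
    return replace(pkt, src=public_ip, sport=ctrl_port, ttl=pkt.ttl - 1,
                   payload=PORT_RE.sub(new_cmd, pkt.payload))

def compare(sent: Packet, received: Packet) -> dict:
    """What the receiving endpoint can observe about the data it was sent."""
    return {
        "payload_intact": hmac.compare_digest(e2e_tag(sent.payload),
                                              e2e_tag(received.payload)),
        # A non-zero delta also forces the NAT to adjust TCP sequence numbers.
        "length_delta": len(received.payload) - len(sent.payload),
    }

# Constructed sample: private host advertises data port 50000 (195*256 + 80).
SENT = Packet("10.0.0.5", 40001, 64, b"PORT 10,0,0,5,195,80\r\n")

if __name__ == "__main__":
    print("router:", compare(SENT, route(SENT)))
    print("nat   :", compare(SENT, nat_with_ftp_alg(SENT, "203.0.113.7", 40001, 61000)))
```
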