So now the cruft extends and embraces, and you have to play DNS view games based on whether it's on company A's legacy net, company B's legacy net, or the DMZ in between them, and start poking around in the middle of DNS packets to tweak the replies (which sort of guarantees you can't deploy DNSSEC).
Are you proposing that every company use publicly routable address space? How about the ones that don't qualify for a /19 and so are dependent on addresses owned by their upstream? To change ISPs, for example, would it be simpler to change the IP address of every node in the company or to run NAT on the gateways? How about multi-homing? Can you even do it without NAT on a network too small to assign an AS? In the mid-90s I was CSO at a company whose internal networks were publicly routable thanks to a /16 they owned (though they really only needed a few /24s). In my experience, for every example of how complex NAT is, there are at least 10 counter-examples of how an equivalent non-NATed network is more complex, less flexible, less reliable, and less secure.

--
Roger Marquis
Roble Systems Consulting
http://www.roble.com/