No, the reason we have NAT is because it's a lot easier for novice network administrators to divvy up and route 10/8 than it is 208.x.x/20.
Only for novices :-)? And what if the alternative is not a /20, but a /24, or even a /28?
There's also a general perception that NAT increases security; some "security" companies go so far as to say NAT removes the need for a firewall.
Agreed that NAT does not remove the need for a firewall; but it *does* increase security. I have a machine behind a NAT; its IP address is 192.168.27.111. It has an open telnet port; the root password is "rutabaga". (It's on a completely different network than the one I'm sending this email from, so don't bother trying to deduce anything from the mail headers or my domain name.) I don't believe that I've just compromised its security :-). Jim Shankland
participants (1)
-
Jim Shankland