| 1 |
On 03/09/2013 08:42 PM, Walter Dnes wrote: |
| 2 |
> On Fri, Mar 08, 2013 at 07:41:13PM -0500, Michael Mol wrote |
| 3 |
> |
| 4 |
>> The trouble with NAT is that it destroys peer-to-peer protocols. The |
| 5 |
>> first was FTP in Active mode. |
| 6 |
> |
| 7 |
> In its day, it was OK. Nowadays, we use passive mode. What's the |
| 8 |
> problem? |
| 9 |
> |
| 10 |
|
| 11 |
It also doesn't work under NAT, it's just broken in the other direction. |
| 12 |
|
| 13 |
|
| 14 |
>> SIP has been heavily damaged as well. Anyone who's used IRC is |
| 15 |
>> familiar with the problems NAT introduces to DCC. |
| 16 |
> |
| 17 |
> Every ADSL router-modem I've run into recently has port-forwarding. |
| 18 |
> |
| 19 |
>> Anyone who's ever played video games online,... |
| 20 |
> |
| 21 |
> A *CLIENT* that can't operate from behind NAT is totally brain-dead. |
| 22 |
> |
| 23 |
|
| 24 |
But you must have one non-NATed "server" for anything to work. I assume |
| 25 |
that's what was meant by "it destroys peer-to-peer protocols." You have |
| 26 |
to draw an arbitrary distinction between machines that work together, |
| 27 |
"servers," and ones that don't, "clients." |
| 28 |
|
| 29 |
The problem will become more and more apparent as ipv4 space dries up |
| 30 |
and everyone becomes a client. Although ISPs will be more than happy to |
| 31 |
sell you a useful connection, for a premium. |
| 32 |
|
| 33 |
Un-NATed addresses are like, type-O blood. Imagine how much better off |
| 34 |
we'd be if we could get everyone to switch their blood to type-O. Might |
| 35 |
be less painful than the ipv6 transition, too =) |
| 36 |
|
| 37 |
|
| 38 |
>> or who's tried hosting a Teamspeak or Ventrillo server, has had NAT |
| 39 |
>> get in their way as well. |
| 40 |
> |
| 41 |
> Port-forwarding. |
| 42 |
> |
| 43 |
|
| 44 |
Port forwarding can work, but only for one host when the ports are |
| 45 |
standardized. You can't forward e.g. port 443 to two hosts, so only one |
| 46 |
host behind the NAT can be accessible on 443. |
| 47 |
|
| 48 |
If you're using your NAT as a firewall for one box, then who cares. But |
| 49 |
you can't put more than one machine behind it and have everything still |
| 50 |
work. |
Archives