| 1 |
On 03/09/2013 11:59 PM, Michael Orlitzky wrote: |
| 2 |
> On 03/09/2013 08:42 PM, Walter Dnes wrote: |
| 3 |
>> On Fri, Mar 08, 2013 at 07:41:13PM -0500, Michael Mol wrote |
| 4 |
>> |
| 5 |
>>> The trouble with NAT is that it destroys peer-to-peer protocols. The |
| 6 |
>>> first was FTP in Active mode. |
| 7 |
>> |
| 8 |
>> In its day, it was OK. Nowadays, we use passive mode. What's the |
| 9 |
>> problem? |
| 10 |
>> |
| 11 |
> |
| 12 |
> It also doesn't work under NAT, it's just broken in the other direction. |
| 13 |
> |
| 14 |
> |
| 15 |
>>> SIP has been heavily damaged as well. Anyone who's used IRC is |
| 16 |
>>> familiar with the problems NAT introduces to DCC. |
| 17 |
>> |
| 18 |
>> Every ADSL router-modem I've run into recently has port-forwarding. |
| 19 |
>> |
| 20 |
>>> Anyone who's ever played video games online,... |
| 21 |
>> |
| 22 |
>> A *CLIENT* that can't operate from behind NAT is totally brain-dead. |
| 23 |
>> |
| 24 |
> |
| 25 |
> But you must have one non-NATed "server" for anything to work. I assume |
| 26 |
> that's what was meant by "it destroys peer-to-peer protocols." You have |
| 27 |
> to draw an arbitrary distinction between machines that work together, |
| 28 |
> "servers," and ones that don't, "clients." |
| 29 |
|
| 30 |
Indeed. |
| 31 |
|
| 32 |
> |
| 33 |
> The problem will become more and more apparent as ipv4 space dries up |
| 34 |
> and everyone becomes a client. Although ISPs will be more than happy to |
| 35 |
> sell you a useful connection, for a premium. |
| 36 |
|
| 37 |
This has happened to a friend of mine...and he *can't* get a public IP |
| 38 |
from his rural ISP. |
| 39 |
|
| 40 |
> |
| 41 |
> Un-NATed addresses are like, type-O blood. Imagine how much better off |
| 42 |
> we'd be if we could get everyone to switch their blood to type-O. Might |
| 43 |
> be less painful than the ipv6 transition, too =) |
| 44 |
> |
| 45 |
> |
| 46 |
>>> or who's tried hosting a Teamspeak or Ventrillo server, has had NAT |
| 47 |
>>> get in their way as well. |
| 48 |
>> |
| 49 |
>> Port-forwarding. |
| 50 |
>> |
| 51 |
> |
| 52 |
> Port forwarding can work, but only for one host when the ports are |
| 53 |
> standardized. You can't forward e.g. port 443 to two hosts, so only one |
| 54 |
> host behind the NAT can be accessible on 443. |
| 55 |
> |
| 56 |
> If you're using your NAT as a firewall for one box, then who cares. But |
| 57 |
> you can't put more than one machine behind it and have everything still |
| 58 |
> work. |
| 59 |
|
| 60 |
Since we've already run out of IPv4 addresses, port forwarding is |
| 61 |
starting to fail even for that circumstance; if your ISP hands you an |
| 62 |
RFC1918 address, you're screwed. |
Archives