On 03/09/2013 11:59 PM, Michael Orlitzky wrote:
> On 03/09/2013 08:42 PM, Walter Dnes wrote:
>> On Fri, Mar 08, 2013 at 07:41:13PM -0500, Michael Mol wrote
>>
>>> The trouble with NAT is that it destroys peer-to-peer protocols. The
>>> first was FTP in Active mode.
>>
>> In its day, it was OK. Nowadays, we use passive mode. What's the
>> problem?
>>
>
> It also doesn't work under NAT; it's just broken in the other direction.
>
>
>>> SIP has been heavily damaged as well. Anyone who's used IRC is
>>> familiar with the problems NAT introduces to DCC.
>>
>> Every ADSL router-modem I've run into recently has port-forwarding.
>>
>>> Anyone who's ever played video games online,...
>>
>> A *CLIENT* that can't operate from behind NAT is totally brain-dead.
>>
>
> But you must have one non-NATed "server" for anything to work. I assume
> that's what was meant by "it destroys peer-to-peer protocols." You have
> to draw an arbitrary distinction between machines that work together,
> "servers," and ones that don't, "clients."

Indeed.

>
> The problem will become more and more apparent as ipv4 space dries up
> and everyone becomes a client. Although ISPs will be more than happy to
> sell you a useful connection, for a premium.

This has happened to a friend of mine...and he *can't* get a public IP
from his rural ISP.

>
> Un-NATed addresses are like, type-O blood. Imagine how much better off
> we'd be if we could get everyone to switch their blood to type-O. Might
> be less painful than the ipv6 transition, too =)
>
>
>>> or who's tried hosting a Teamspeak or Ventrilo server, has had NAT
>>> get in their way as well.
>>
>> Port-forwarding.
>>
>
> Port forwarding can work, but only for one host when the ports are
> standardized. You can't forward e.g. port 443 to two hosts, so only one
> host behind the NAT can be accessible on 443.
>
> If you're using your NAT as a firewall for one box, then who cares. But
> you can't put more than one machine behind it and have everything still
> work.

Since we've already run out of IPv4 addresses, port forwarding is
starting to fail even for that circumstance; if your ISP hands you an
RFC1918 address, you're screwed.