On Tue, Dec 7, 2010 at 10:04 AM, Adam Tauno Williams awilliam@whitemice.org wrote:
Bogus. The reason is that they haven't been pressured into adoption by higher powers; so we will get into a nice scramble to migrate in a pinch.
"most people" have no idea what NAT is, don't care, and shouldn't have to care.
Some people's belief that NAT is some magic sauce that makes them more secure [it does not] or provides them more flexibility [it does not] than real addresses ... causes the people who understand networking to have to spend time explaining that their love of NAT is misguided and their beliefs about NAT are bogus.
*I'm* a fairly expert network person. (10base2, baby, I remember crimping those cables!) Forcing people to specifically select the services they wish to expose, rather than selecting what to cut off in configuring a typical firewall, is basic policy automatically enforced by NAT. It's especially helpful to ISP's, who *do not want* to try to remember all those furshlugginer individual policies and find it far simpler in routing and firewall terms to force all traffic to the NAT.