Drew wrote: >> It's a bit of bad form to use NAT and private addresses at all because the >> internet really wasn't designed to be segmented, but everyone does it. > > Why is NAT bad form? I don't mean to imply it shouldn't be used - it is pretty much a necessary evil now, but it doesn't fit the original IP design very well. >>From my standpoint as an admin, private IP's & NAT are another tool to > help secure my network. You can't attack what you can't see and even a > misconfigured router or firewall won't expose my network to prying > eyes. > There are small problems like often needing split DNS, not being able to offer public services easily, not being able to track the source addresses meaningfully in logs, etc., but the real killer comes when your large organization merges with another using the same private address range and you need to connect the networks. -- Les Mikesell lesmikesell at gmail.com