[e2e] NAT traversal for src+dst routing

Melinda Shore mshore at cisco.com
Thu Nov 4 08:58:34 PST 2004

On Thursday, November 4, 2004, at 11:37 AM, Joe Touch wrote:
> I.e., cute traversal hacks work fine when the NAT _wants_ to be found,
> but they fail exactly where - and why - most NATs are actually deployed,
> IMO.

Unfortunately that's probably become reasonable for several related 
and that's that NATs are now very widely being used as outside->inside 
control devices for networks.  The default policy is stupid ("any flows
initiated from inside are good, any flows initiated from outside are 
and the natural evolution is towards a mechanism for providing 
policy enforcement at the edges.  Yes, that's a firewall, but that's 
NATs have become.


