On Mon, 26 Nov 2001, Rinka Singh wrote: > Any NAT would be able to translate both ways - OK it would stumble if > there was end-to-end encryption but a small device may not have > encryption capability. It should be easy to add NAT (one would need a > router, firewall, gateway/gatekeeper anyway).
Not as easy as one may initially imagine. Think of complicated application level protocols as H.323 which carry ip information in packets. Adding support to NAT gateways would involve integrating gatekeeper/H.323 proxies to routers. End-to-end encription is other area where NAT would be very difficult to implement. There are many examples of "difficult to be accomplished with NAT tasks" (like P2P networks) that could be easily solved by expanding the amount of available addresses (like IPv6). Not talking about the specific capabilities IPv6 integrates (AH, for example). I'm not saying that almost same things could be performed by clever NAT under IPv4, but let's use Occam's razor and follow the simplest way of implementing things... Regards, Flavio.
