Asymmetric paths are a fact of life in the Internet.
- ferg -- Iljitsch van Beijnum <[EMAIL PROTECTED]> wrote: On 30-aug-04, at 0:50, Tracy Smith wrote: > Hello. I am tyring to gauge what the Best Practices are for > Enterprise network connections to the Internet. Specifically, to NAT > or not to NAT? At what point should NAT-ting be performed ... > exclusively at the Egress point or at decentralized points? What > about firewalling - centralized/decentralized? Fortunately, I've never been in the position to make such decisions, but I can tell you one thing: if you have multiple connections to the internet, you had better make sure that your NATs and firewalls are equipped to handle the case where you send a packet out through connection A and the reply comes back through connection B. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED]