> On Jun 3, 2015, at 9:24 PM, Christopher Morrow <morrowc.li...@gmail.com> > wrote: > > On Wed, Jun 3, 2015 at 7:56 AM, Owen DeLong <o...@delong.com> wrote: >> For example, let’s say you have 20 machines for whom you want to allow >> inbound SSH access. In the IPv4 world, with NAT, you have to configure an >> individual port mapping for each machine and you have to either configure >> all of the SSH clients, or, specify the particular port for the machine you >> want to get to on the command line. > > in the original case in question the fact that there's nat happeng > isn't material... so all of this discussion of NAT is a red herring, > right? the user of AWS services cares not that 'nat is happening', > because they can simply RESTful up a VM instance and ssh into it in > ~30 seconds, no config required.
That depends… If they have a public address ON their machine or dedicated to their machine, then, they MAY not care that NAT is occurring. If they want to run SIP or some other protocol which depends on being able to tell the far end where to connect for secondary channels, then they may care anyway. You can reduce the number of things that NAT breaks, but you can’t eliminate them all. > let's skip all NAT discussions on this topic from here on out, yes? Only if you can promise me 100% that the NAT in question will not break anything. Owen