Excerpts from Tom Pusateri on Tue, Mar 31, 2009 08:27:17AM -0400:
> Obviously I didn't communicate clearly enough. The NAT box is the one
> that sneakily fabricates headers. I am totally against this. I would
> rather it do what it is doing out in the open by terminating the TCP
> connection or re-originating the UDP packets from the policy box. This
> follows the end to end model which is what I'm advocating.
>
> I am just trying to bring what's currently in the dark out into the
> light.
>
> I run an HTTP proxy on my home gateway.
> I run a SIP proxy server on my gateway.
> I run an SMTP server on my gateway.
> For the needs of people behind current NAT boxes, we're not that far
> away.

And for those protocols that you don't proxy, e.g. ones that your edge boxes have never seen before, would you just NAT? At least that would allow e2e application transparency for user innovation.
