[unisog] Anyone doing large scale NAT for their campus?

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Sep 23 20:35:35 GMT 2002


On Mon, 23 Sep 2002 14:40:16 CDT, Scott Genung <sagenung at ilstu.edu>  said:

> I should have been more specific. The implementation of NAT that I'm 
> referring to is based upon a 1 to 1 translation of inside to outside 
> addressing. The NAT model you are referring to is NAT overload (aka PAT) 
> where multiple inside addresses are mapped to a single (or limited number 
> of) outside address(es).

Remember that even without overloading, NAT breaks things - the H.323 and IPSec
issues aren't due to the overloading, they're due to the fact that the endpoints
can't announce a global address for themselves.

/Valdis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20020923/d8f03b39/attachment-0007.bin


More information about the unisog mailing list