--- Vernon Schryver <vjs@calcite.rhyolite.com> wrote:
> > From: Joe Touch <touch@ISI.EDU>
>
> > ...
> > The only question is whether there is something similar between NATs and
> > transparent proxies. Maybe "modifying IP packets considered harmful".
> > The issue with NATs may best be added under "even within the same AD,
> > transparent proxies are dangerous because..." including the IP ID and
> > TCP port and sequence number issues there seems on-topic. (?)
>
> Agreed, NAT's and redirecting proxies are technically similar.
>
> (However, I'm not sure that 'a "transparent proxy" is a proxy that does
> not modify the request or response beyond what is required for proxy
> authentication and identification' is similar to a NAT box or a redirecting
> proxy.)
>
> Is there an RFC that includes the many complaints that have been made about
> NAT boxes in the main IETF list?
>
Not an RFC. But, a draft addressing precisely this.
It is titled "Protocol Complications with the IP Network Address Translator".
<draft-ietf-nat-protocol-complications-02.txt>. The draft should be going
out for an IETF-wide last call shortly(It's in Steve Coya's list of things to
do). Any comments and input are most welcome. Thanks.
>
> vjs
>
cheers,
suresh
=====
__________________________________________________
Do You Yahoo!?
Send online invitations with Yahoo! Invites.
http://invites.yahoo.com
This archive was generated by hypermail 2b29 : Thu Nov 18 2004 - 11:21:28 MST