Slightly OT: How common is NAT?

Anthony David adavid at
Sat Dec 14 11:08:46 EST 2002

Michael Still <mikal at> writes:

> Hello.
> I have been asked at work how common NAT'ed corporate networks are. My gut
> feeling is very, for a couple of reasons:
>  - all the corporate networks I have seen are like that
>  - no one can afford mounds of real IPs
>  - it's more "secure"
> Does anyone know of any research / references which will either backup my
> statement, or prove me wrong?

A few anecdotal experiences.

 One Govt Department allocated a bunch of different routable subnets
in their LAN. They use NAT and Firewalls to manage Internet and non-Internet
Traffic. These aren't even their own addresses! Messy. Interestingly,
one Dept in the late '80s went IP and assigned routable addresses by the
same method. I expressed my reservations and they said it was too hard 
to change. 6 months later they changed, thankfully.

One Govt Agency got a B class allocated (they have about 400-600 IPs in
use). They use it for both LAN and Internet addressing and use Firewalling
to manage Internet traffic. Messy.

A number of Govt Departments use Private Addressing for their LAN and
routable addresses for Internet hosts. Much less hassle than
the above. Too many  B-class locked up though in general.

IMHO, NAT is something you do as a last resort. Trouble-shooting
is especially exciting when one side refers to an IP and the other side
has a different number.

Interesting that DSD EPL's the CISCO PIX without NAT when the main
feature of the PIX is NAT.

Anthony David

Gambling(n): A discretionary tax on those asleep during high school maths
0xA72CE1ED fingerprint = EA1E C69E FE59 BBE1 AA4B  F354 BD09 9765 A72C E1ED

More information about the linux mailing list