To merge these 2 great threads, it is the case is it not that NAT is a great
way to avoid DDOS problems. I don't even want to imagine what the
billing/credit issues would be like if your always-on phone with a real IP
is used as a zombie in a DDOS. "Hey I didn't use all that traffic last
I still maintain, since the last time this was on Nanog, that real IP
addresses should not be entrusted to the great unwashed.
And as for NAT breaking applications, I think its time the applications
wised up and worked around the NAT issues. Look, if your application is
important enough to you as the developer, you are going to want it to
penetrate and work for as many ppl as possible right? Office workers, home
users with gateways, GPRS/GSM/3G cell users etc etc. So you make it use
protocols that traverse NAT without breaking. Look at the streaming media
players out there, they try to use, in order, multicast (the most effcient
and best quality), UDP,TCP then HTTP. If it cant get a connection with any
of the first protocols, it falls back to http, and you get your stream.
When you look at the economics of usability of your app, I think your going
to want to make it work through firewalls.