No, the reason we have NAT is because it's a lot easier for novice
network administrators to divvy up and route 10/8 than it is 208.x.x/20.
Only for novices :-)? And what if the alternative is not a /20, but
a /24, or even a /28?
There's also a general perception that NAT increases security; some
"security" companies go so far as to say NAT removes the need for a
Agreed that NAT does not remove the need for a firewall; but it *does*
I have a machine behind a NAT; its IP address is 192.168.27.111.
It has an open telnet port; the root password is "rutabaga".
(It's on a completely different network than the one I'm sending this
email from, so don't bother trying to deduce anything from the mail
headers or my domain name.) I don't believe that I've just
compromised its security :-).