Relay agents, NAT, and offers to giaddr

Alan DeKok adekok at infoblox.com
Sat Sep 16 16:37:06 UTC 2006


David W. Hankins wrote:
> On Fri, Sep 15, 2006 at 03:52:35PM -0700, Alan DeKok wrote:
>>    But that's just what NAT boxes do...
> 
> Not precisely, no.  NAT boxes do not, as a general rule, peer into
> SIP exchanges and 'fix' them so that SIP works across NAT, much
> to the chagrin of any VOIP sysadmin you might meet.

   NAT boxes already capture & re-write UDP traffic, which is what I was 
responding to.  And DHCP relays capture and re-write the contents of 
DHCP traffic.  A box that does both...

> Neither do they peer into any other UDP payload, and if they
> were to, the results would be more disastrous than they are
> already.

   The failure of NAT is that it tries to act as a router that manages 
application-layer traffic, without being aware of application semantics.

   If the NAT boxes acted as a server to the clients in the private 
network, and used that data to act as a client to the servers in the 
public network, this wouldn't be a problem.

   But this is far afield of DHCP.  To bring it back, most of the 
problems we've been discussing would be much easier to solve if the DHCP 
relay was involved for *all* client traffic.  The relay is acting as a 
router for application-layer traffic.  Traffic that bypasses it, 
therefore, does not obtain the benefits of using it.

   Alan DeKok.
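
Added example, not part of the original message: a sketch of the header rewrite a DHCP relay performs (the RFC 2131 fixed BOOTP header, with `giaddr` filled in and `hops` incremented), next to a request that reaches the server without passing a relay and so arrives with `giaddr` still zero. The function names, the hop limit and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import struct

# Fixed BOOTP/DHCP header (RFC 2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr[16], sname[64], file[128] = 236 bytes.
BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
ZERO = bytes(4)
MAX_HOPS = 16  # assumed relay policy limit


def build_request(xid, mac, ciaddr="0.0.0.0"):
    """Build a BOOTREQUEST header as a client sends it (constructed sample, no options)."""
    return BOOTP.pack(1, 1, 6, 0, xid, 0, 0,
                      ipaddress.IPv4Address(ciaddr).packed, ZERO, ZERO, ZERO,
                      mac.ljust(16, b"\0"), bytes(64), bytes(128))


def relay(packet, relay_ip):
    """Return the packet as a relay would forward it, or None if it is dropped."""
    fields = list(BOOTP.unpack(packet[:BOOTP.size]))
    if fields[0] != 1 or fields[3] >= MAX_HOPS:
        return None                      # not a BOOTREQUEST, or relayed too often
    fields[3] += 1                       # hops
    if fields[10] == ZERO:               # only the first relay sets giaddr
        fields[10] = ipaddress.IPv4Address(relay_ip).packed
    return BOOTP.pack(*fields) + packet[BOOTP.size:]


def giaddr(packet):
    """Relay address the server sees; 0.0.0.0 means no relay handled the packet."""
    return str(ipaddress.IPv4Address(BOOTP.unpack(packet[:BOOTP.size])[10]))


def hops(packet):
    return BOOTP.unpack(packet[:BOOTP.size])[3]


if __name__ == "__main__":
    mac = bytes.fromhex("020000000001")          # constructed sample MAC
    via_relay = relay(build_request(0x1234, mac), "10.0.0.1")
    direct = build_request(0x1235, mac, ciaddr="10.0.0.50")  # bypasses the relay
    print("relayed:", giaddr(via_relay), "hops", hops(via_relay))
    print("direct :", giaddr(direct), "hops", hops(direct))
```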


More information about the dhcp-users mailing list