Relay agents, NAT, and offers to giaddr

Alan DeKok adekok at
Sat Sep 16 16:37:06 UTC 2006

David W. Hankins wrote:
> On Fri, Sep 15, 2006 at 03:52:35PM -0700, Alan DeKok wrote:
>>    But that's just what NAT boxes do...
> Not precisely, no.  NAT boxes do not, as a general rule, peer into
> SIP exchanges and 'fix' them so that SIP works across NAT, much
> to the chagrin of any VOIP sysadmin you might meet.

   NAT boxes already capture & re-write UDP traffic, which is what I was 
responding to.  And DHCP relays capture and re-write the contents of 
DHCP traffic.  A box that does both...

> Neither do they peer into any other UDP payload, and if they
> were to, the results would be more disastrous than they are
> already.

   The failure of NAT is that it tries to act as a router that manges 
application-layer traffic, without being aware of application semantics.

   If the NAT boxes acted as a server to the clients in the private 
network, and used that data to act as a client to the servers in the 
public network, this wouldn't be a problem.

   But this is far afield of DHCP.  To bring it back, most of the 
problems we've been discussing would be much easier to solve if the DHCP 
relay was involved for *all* client traffic.  The relay is acting as a 
router for application-layer traffic.  Traffic that bypasses it, 
therefore, does not obtain the benefits of using it.

   Alan DeKok.

More information about the dhcp-users mailing list