<div class="gmail_quote"><div>I only wish NAT had never been invented. NAT has caused me more headaches that I can imagine, and here at work, we have them doing some things that I'm pretty sure is never supposed to happen. Some of the workstations here at work are on one of a few dozen 10.x networks, but they're only NATted leaving campus. They're routed throughout the campus. So if someone on campus accesses a server on campus, the request comes in directly from their 10.x.x.x IP. This gets real dicey for trying to implement SSO solutions that use the source IP as part of the session when the SSO system has to talk to off-campus systems. So the SSO server sees 10.x.x.x, but the off-campus computer sees AAA.BBB.x.x from the NAT gateway. Now, I'm just a sysadmin, not a networking guy, but something seems very wrong about having traffic from both RFC 1918 address space and world-routable address space on the same interface.</div>
</div><br clear="all"><br>-- <br>David Tomaschik, RHCE, LPIC-1<br>GNU/Linux System Architect<br>GPG: 0x5DEA789B<br><a href="mailto:david@systemoverlord.com" target="_blank">david@systemoverlord.com</a><br><br>