Subject: Re: NAT query
To: None <email@example.com>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 02/26/2002 06:05:56
> I have a NAT box between our FTP server and the Internet universe.
"Don't do that, then." FTP, especially in PORT-using (non-PASV) mode,
is one of the protocols broken most severely by NAT, to the point that
a lot of NAT implementations have special-case kludges to rewrite the
control data stream on the fly to make it "work" in at least a minimal
sense. To my mind, this "fixes" FTP-through-NAT in much the same way
that MSS clamping "fixes" a path MTU discovery black hole: it doesn't
actually fix the problem, just keeps it dormant for the moment.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML firstname.lastname@example.org
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B