On Tue, 18 Jul 2000, Laine Stump wrote:

> At 02:59 PM 7/18/00 +0100, David Brownlee wrote:
> >         One solution - good use of NAT is another one.
>                        ^^^^^^^^^^^^^^^
> 
> Hey! A new oxymoron!!!! ;-)
> 
> (BTW, if I had a choice between bridging, or using NAT, I'd choose to 
> bridge every time. There are just too many odd protocols not supported by 
> IPFilter (or most any other NAT implementation). For example H.323, RTSP, 
> xdmcp.)
> 
	If you are running xdmcp then you probably are not in an
	environment that needs a secure filtering box (you might need
	one at your border, but then you probably are not running xdmcp
	across there).

> (Yes, this message is being posted from a machine behind a 1:N IPFilter 
> NAT. Sometimes you can't get everything you want ;-)

	Sometimes you want to exercise a little more control than you can
	get with a bridge.

	That is not to say that it wouldn't be excellent if someone
	pulled in OpenBSD's bridging support.. :)

                David/absolute
			       -- www.netbsd.org: A pmap for every occasion --