From openbsd-misc Wed Jan 02 07:44:37 2002 From: Marc Espie Date: Wed, 02 Jan 2002 07:44:37 +0000 To: openbsd-misc Subject: Re: UVM, UBC, and PF criticisms in comp.unix.solaris X-MARC-Message: https://marc.info/?l=openbsd-misc&m=100995848532466 On Wed, Jan 02, 2002 at 03:44:44PM +1100, Darren Reed wrote: > For starters, if you have two hosts, inside, which both want to ping > the same external host, at exactly the same time, what do you do when > you get 1 reply back instead of 2? Does the firewall get heavy and > put its own data in the data part of the ICMP payload? What if the > user is sending 0 bytes data? You can't exactly just add more because > that has an effect on the measurement, however small or big. It's already great having firewalls/NAT configured to let pings and similar things through. I've often had to deal with sysadmins who configure their network to not let anything through. > The only answer is to say that NAT is evil. Well, of course it is. But then, convincing everyone to switch to IPv6 is a tall order. Maybe this will change in a few years time.