Lawrence Lessig


dresses. The technology has subsequently grown simply because of the difficulty in coordinating devices in many contexts. Apple, for example, uses NATs to connect machines to its AirPort wireless server. You can plug an AirPort into your cable or DSL modem and then an unspecified number of machines can share the very same IP address.

The problem with NATs is that the techniques used to share IP addresses are not standard. The NAT inserts points of control into the network. Data passing onto a NAT-controlled network must pass through the NAT before the NAT permits it to pass to the end user. If the NAT is unaware of how to process the data from that particular application (either because the NAT was unaware of that application or because it was coded to ignore data of that type), then that application won't function on that NAT-empowered network. Developers of technologies that need to be certain they are talking to a particular machine must therefore survey the world of NATs to make certain their systems will work on all the major brands. This in turn increases the costs of development and, on the margin, may reduce innovation.
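The two points above (many machines behind one address, and an application failing when the NAT has not been coded to understand it) can be shown in a small simulation. This is an added example, not Lessig's text or any real NAT implementation; the hosts, ports and the "CALLBACK" application format are constructed, and the addresses are documentation ranges.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    src: str      # "ip:port"
    dst: str      # "ip:port"
    payload: str  # constructed application data

class NAT:
    """Rewrites IP headers; touches payloads only for applications it knows."""
    def __init__(self, public_ip, app_aware=False):
        self.public_ip, self.app_aware = public_ip, app_aware
        self.next_port = 40000
        self.outbound = {}  # private "ip:port" -> public port
        self.inbound = {}   # public port -> private "ip:port"

    def egress(self, pkt):
        if pkt.src not in self.outbound:  # allocate a port on the shared address
            self.outbound[pkt.src] = self.next_port
            self.inbound[self.next_port] = pkt.src
            self.next_port += 1
        new_src = f"{self.public_ip}:{self.outbound[pkt.src]}"
        payload = pkt.payload
        if self.app_aware and payload.startswith("CALLBACK "):
            payload = "CALLBACK " + new_src  # only an app-aware NAT fixes the embedded address
        return Packet(new_src, pkt.dst, payload)

    def ingress(self, pkt):
        ip, port = pkt.dst.rsplit(":", 1)
        target = self.inbound.get(int(port))
        if ip != self.public_ip or target is None:
            return None  # no mapping: the NAT is the point of control that drops it
        return Packet(pkt.src, target, pkt.payload)

def server_reply(pkt):
    """Constructed server that sends data to the address named in the payload."""
    if pkt.payload.startswith("CALLBACK "):
        return Packet(pkt.dst, pkt.payload.split(" ", 1)[1], "DATA")
    return Packet(pkt.dst, pkt.src, "ACK")

def run(app_aware):
    """Two private hosts behind one public IPv4 address; returns who received DATA."""
    nat = NAT("203.0.113.5", app_aware)
    delivered = []
    for host in ["10.0.0.2:5000", "10.0.0.3:5000"]:
        out = nat.egress(Packet(host, "198.51.100.7:80", f"CALLBACK {host}"))
        assert out.src.startswith("203.0.113.5:")  # both hosts share the public address
        back = nat.ingress(server_reply(out))
        delivered.append(back.dst if back else None)
    return delivered
```

With `app_aware=False` the server answers the private address embedded in the payload and nothing reaches either host; with `app_aware=True` the NAT has been taught that application and both hosts get their data.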

No one thinks NAT boxes are part of a conspiracy. This compromise of end-to-end is innocent in the sense that we don't imagine it is implemented for strategic purposes. Nonetheless, it reduces the flexibility of the Internet as a whole.

But there is a solution to the problem that NATs were initially designed to solve -- and again, it is to increase capacity. The name space for the Internet (IPv4) is in the process of being upgraded (to IPv6). That will have a practically endless number of addresses,[10-50] thereby eliminating the need for NATs. With endless address space, technologies for "conserving" addresses become unnecessary at best. Thus, rather than imposing this high-coordination cost on technologists developing technology for the Net, increasing the name space would remove the initial reason for the compromise.

Other compromises with end-to-end are less benign. Consider firewalls, for example. A firewall is a technology for controlling interaction between a local network and the Internet. Like the NAT, it is a technology that adds a point of control within the network that could block everything that has not explicitly been admitted by the local network manager. Unforeseen applications thus again pay a heavy price.

Firewall technology, for example, no doubt serves a legitimate purpose in many cases. Sometimes, however, its purpose is expressly to impose a policy on the Net. Many universities, for example, forbid the use of Napster tech-


[[172]]
