Nothing wrong with NAT. Its just a hammer, and every problem looks like a nail. You can do all the lovely security things NAT can do with a well configured router - NATs primarily are 'better security' cause they deny ports by default (but you can do the same as flexibly with public IP addresses and a properly set up firewall apparently - and you arn't forced to decide which boxes get which ports). There's a half dozen ways to get around that - my IPV6 connectivity to my dinky little toy server simply punches through my router, cause setting it properly is a pain in the rear (*grumble grumble bad documentaion grumble*), as do a lot of protocols.
ISPs natting large swathes of users to save on IPV4 addresses? Lazy. Home users using NAT to connect home networks might work for me, but I'd trade that for a good IPV6 router with a sensible interface for 90% of cases.
And then there's the old PCI DSS specifications that used to insist systems that had credit card information be behind a NAT.. they eventually switched that to network isolation.
no subject
ISPs natting large swathes of users to save on IPV4 addresses? Lazy. Home users using NAT to connect home networks might work for me, but I'd trade that for a good IPV6 router with a sensible interface for 90% of cases.
And then there's the old PCI DSS specifications that used to insist systems that had credit card information be behind a NAT.. they eventually switched that to network isolation.