A mission-critical server application embeds a private IP address and port number in the packet payload, which the client uses to reply to the server. Why is implementing NAT over the Internet an issue for this type of application?
Embedded IP addresses cause NAT to do extensive packet manipulation. This process is very time-intensive, and the added delay causes the connection in these types of applications to time out and fail.
When the client attempts to reply to the server using the embedded private IP address instead of the public IP address mapped by NAT, the embedded private IP address will not be routable over the Internet.
NAT traversal can't be used for embedded IP addresses. Mission-critical applications typically use NAT traversal to ensure stable, timely connections, but not when embedded IP addresses and ports are used.
Using NAT makes troubleshooting difficult. You must know the IP address assigned to a device on its NIC and its translated address; it takes too long to determine the source and destination of an embedded IP address, and this delay is not appropriate for mission-critical applications.