When we look back a couple of years at how computers evolved, we
find that in the beginning of the development of a new resource it
was used and addressed directly. A great example is a computer's memory.
For quite a long time the processor and each program had direct access
to every single RAM cell by using each cell's hardware address directly.
A program always knew where in memory its code had been stored, and
there was no difference between cells storing data and cells storing
code. I am talking about computers that can be described as 'PCs';
others already used new concepts that we can find in today's devices.
Over time, direct access became a disadvantage: systems and application
programmers no longer wanted to take care of where exactly data
was stored, or of making sure there were no conflicts with other
programs or even within a program. So a new layer hiding physical memory
from the software was introduced. Microprocessors now had units that
translated virtual addresses used by the software to physical addresses.
The advantage was that several programs could now use the same addresses
to address their data, with the memory management unit translating them
to different physical addresses. Also, memory that did not even exist
could be simulated, using for instance the hard disc as a medium where
portions of RAM could be stored temporarily.
Today we can see many similarities when we look at the development
of networks. Until a short time ago most computers were not networked.
Existing networks were relatively small and clearly laid out; the
administrators knew almost every single node personally. We almost
always use a host's IP (or its name, which is mapped 1:1 to one or
more IPs) to access certain services or programs on that computer,
just as we used to access certain regions in memory by their hardware
addresses in order to access a certain piece of code (e.g. calling
a subroutine) or data. Today we still use memory addresses for this
(for instance pointers in C[++]), but they have a completely different
meaning. They are virtual addresses rather than physical ones,
i.e. we do not know where the data we want to access is physically
stored.
In the future a similar process will happen to network addresses:
we will no longer address single hosts (cells) directly with their
Internet-address (hardware address), but we will use a virtual address
(that does not need to be numeric) in order to access a certain service,
regardless of what IP (physical address) the host providing the service
has. This process has already begun; an example is the Domain Name
Service. However, the mapping done by DNS is much less powerful than
the one used for virtual memory, so we can assume there is still a
lot of potential. In addition, we are still at the beginning of the
networking age and we still think in absolute terms when we design
new networks. There are concepts, like virtual private networks, virtual
LANs or virtual servers, where we can see some of the new directions.
Today nobody tries to find or even use the physical address of the memory
cell where some piece of code or data is stored (except for operating
system designers, but that is what they do: providing us with mechanisms
that hide those details), but we still almost always use the physical
IPs of network nodes; even DNS is hardly more than a mapping from name
to IP. We could imagine a mechanism just like virtual memory, where
we can (virtually) address code, data or services on a network without
knowing or even being able to find out what physical address (IP)
is associated with the virtual network address. This, however, is
beyond the scope of this document; all I wanted was to show where NAT
may find or has found its place in the entire scheme. NAT will not be the
general solution, of course; indeed it is very much a hack introduced to
circumvent limitations of the current system, which is marked by not
providing much virtualization of the network yet. NAT is, on the other
hand, a useful tool to achieve virtualization on a local scale, as long
as more general solutions have not been developed. It is probable
that NAT will even contribute to such a general solution (as the virtual
memory system has become for virtualizing memory), either by being
part of it or by providing new insights and experiences that will help
to understand the virtualization process better, or both.
NAT is already being widely used, although only for the purposes described at the beginning, to help with IPv4 address space limitations, and it is very successful at that. This is also another reason why I believe IPv6 will not come that fast: the most pressing problem of the IP addresses has been partly and temporarily solved and many people can live with it. On the other hand, recompiling each application for IPv6 is hardly manageable in large networking environments where the administrators have a lot to do anyway.