Just wondering if I am the only idiot out there who took a look at the 8.3 NAT changes and thinks these changes are not really necessary, make the config much too big and in general cause too much confusion. In addition, the 8.3 NAT configuration looks like it assumes nat-control is on, so in environments where nat-control is predominantly not used, the config gets bigger, because of all the non-NAT exceptions that have to be made. IOW, heavy NAT config may translate to a more digestible config. But heavy no-NAT config may translate to a bloated config.
Problems I see:
-I don’t want to go around and upgrade memory in all my firewalls just for a .X release.
-Config becomes much too bloated in a heavy non-NAT environment (and possibly a NAT environment). In one example, config went from 50-60kb -> 150kb! It’s also 'difficult' on the eyes!
-Replacing inside IP addresses in an outside interface ACL is non-intuitive for a L3 guy. Why would I want to let a public host firewall through to a private IP address on my outside interface?!?!
-The "no nat-control" command is gone? Does this mean I have to except every no-NAT item? What is going to happen to predominately internal firewall configs? Can I turn off NAT globally?
HELP! My first response is that I hope Cisco supports 8.2 for a long time, or at least has a config "switch" to keep NAT working the old way!