Not trying to be a "dick", I assure you - it's just that your statements are FUD. If you are not sure, then you should word them as questions and not as what "seems" to be a FACT in your mind.
So you're suggesting that every server should be behind a NAT?
For additional protection I'd say so. Otherwise aren't you just putting all your faith in software firewall solutions on the host
Not sure what firewalls you have worked with in the past, but I assure you, you do not have to be behind a NAT to process rules that either allow or deny access. Not sure where you would have gotten that idea other than maybe home-type routers, and normally those routers don't even create a real DMZ, more of what they call a DMZ Host - which is just the forwarding of ports that are not otherwise forwarded already.
More than happy to help you with any questions you have. Who told you this: "I have always been told to use NAT and put servers on a separate LAN"? This is just FUD, plain and simple.
I think it's already been brought up - if this is your understanding, what do you think will happen with IPv6? Do you think NAT will still be used?
Don't get me wrong, I'm not saying that NAT is not a useful tool - it sure can be used in protecting your hosts, or for sharing an IP, etc. Lots of uses for it. But there are protocols that just do not work, or do not work well, when behind a NAT. And it creates extra overhead when it's just not needed. There are places and uses for NAT and/or NAPT, sure. But it is not the end-all, be-all of protecting your servers.