On 15 Oct 2003, at 19:45, Keith Moore wrote:
>> the marginal sin of
>> intercepting DNS queries for private addresses, to prevent the
>> sort of problems those queries cause, seems to me to be fairly

> I probably agree. But I guess my question is "where does it end?"

It ends when IPv4 ends. That is, if we can keep NAT out of IPv6.

> That is, how many things do we change elsewhere in the network in order
> to minimize the operational problems that crop up with NATs? What is
> the cost of those changes, and how much do they impair the ability of
> the network to support applications?

There is no answer for these questions. Everyone can unilaterally
decide to run stuff like NATs. That's actually a strength of our
architecture. Also, anyone can unilaterally decide to send traffic.
That's a big issue with our architecture. Fixing the latter (so,
amongst other things, root nameservers aren't forced to receive traffic
from RFC 1918 sources) without getting in the way of the former isn't
going to be easy.