
Re: [BEHAVE] Lack of need for 66nat : Long term impact to application developers

2008-11-26 19:36:36
At 6:07 PM -0800 11/25/08, David Conrad wrote:
> Tony,
>
> On Nov 25, 2008, at 4:41 PM, Tony Hain wrote:
>> Either way the app developers will have to rely on topology awareness
>> crutches to deal with the resulting nonsense.
>
> Stuff they presumably already have to deal with because they'd like
> their applications to be used in the real (IPv4+NAT) world...

Have to deal with does not mean that the current solutions actually work.
As I said in my first message in my thread, the estimates we have for
ICE-TCP working in the real world are 40% or so, and it is the best thing
that we have.  That means real applications that already benefit from
1) having a known rendezvous/signalling path and 2) have defined
methods for using relays *still fail the majority of the time they use
TCP*.

We deal with that by not having the apps deploy.  One of the few
ways to actually get a pull for v6, rather than an exhaustion-based push,
is to have the topology sufficiently simpler that some things work there
better than they work in v4.  Introduce NAT, and you have shot that
possibility in the head, not the foot.

There is a reason we see so many systems deploying in overlay networks
at this point--the IP topology is so broken for v4 that it is better to use
a key-based routing system on top of it than to use the topology itself.
If we are giving up on this for v6 at this point, we need much more
work on dealing with overlays, because our ability to have non
client-server systems will depend largely on them.





>> A reasonable standards development effort would not blindly endorse
>> something known to be detrimental,
>
> Standards development effort != endorsement.

But the IETF sells itself as something that gets cross-area review and gives
a benefit in understanding how a technology fits in the ecosystem.  If we
aren't going to pay attention to it when it comes, we have relatively
little value beyond a cheaper industry consortium.  The review on
this is trying to express real concerns.  You have people offering to
do real work to come up with solutions that meet the need without
this breakage.  That's not possible, obviously, if the need is "introduce
NAT", but if the need is expressible in security properties or a threat
model, I personally believe we can do much, much better.

Happy Thanksgiving,
                                Ted

                                