ietf

Re: draft-ietf-nat-protocol-complications-02.txt

2000-04-20 13:00:02
    > From: Jeffrey Altman <jaltman(_at_)columbia(_dot_)edu>

    > I am not an IPv6 proponent other than

Well, I'm not exactly a big fan of NAT boxes either. Disgusting kludges.

However, I've generally found that it's not really very useful to go around
saying "it's not really raining, it's not really raining" while I'm walking
in a thunderstorm.....
                              
NAT's are with us, like them or not, and the sooner we accept it, and try to
start working to fix things up to work with them, the better...

(E.g. fixing IPSEC to work through them, to use one example mentioned here -
although some people would no doubt point to things like SSL, which already
work through NAT boxes, and ask why we need IPSEC anyway - but I'm *not* going
to get into that! :-)


    > the extended address space that everyone needs without breaking the end
    > to end model of IP.

Well, I think we can regain the "end-end model", even with NAT boxes, if we
accept that those 32-bit things are irrevocably destined to become just
forwarding tags with only local scope.

There's a need, and a place, for things with only local scope - e.g. the
network layer header in front of the internet header, the hop count in the
internet header, etc, etc. The IPv4 address will have to be added to that list
- and for things which need an end-end name, we'll have to migrate to using
something else.

This still leaves us with the architectural problem of having mapping state
in the border boxes (another impingement on the fatesharing principle - i.e.
that all state relevant to an end-end connection be kept only at the ends),
but that can be looked at. It's not like there's *no* state in the network,
without which the connection won't work - routing table entries may seem like
they're handed down on stone tablets, but they are critical state too.

Then there's how it's installed (wiretapping DNS - eccch, another disgusting
kludge); definitely need to do something better there.

But it will have to be an incremental approach back to goodness, I fear...

        Noel