
Re: NATs *ARE* evil!

2000-12-18 15:50:02
"Theodore Y. Ts'o" <tytso(_at_)MIT(_dot_)EDU> writes:
It would be *awfully* convenient if we declare up front that something
is the "end point identifier" (i.e., "who"), and is forever exempt from
being changed by intermediate routing entities, and if necessary,
something else is the routing component (i.e., "where"), which can
change.  This "end point identifier" should have a canonical form, which
means that using the DNS name, as some have suggested, probably isn't
ideal.  For better or worse, people are too used to playing DNS games
where foo.g.akamai.com (for example) isn't necessarily the same host,
regardless of where you are in the network.

This is true. To do this though really requires some re-architecting
of the current Internet model, based on "first principles". In
particular, there is not a sufficient "name space" for what we are
often currently trying to do - hence the "akamai" type of trick.

Currently we have a situation where the defined name spaces are not
sufficient for truly identifying the end points of a routed
connection. IP addresses are therefore there for routing
purposes. However a number of situations can now occur so that the IP
address is not sufficient to name all situations. A host can be
multi-homed, partially disconnected or mobile and then things start
getting ugly.

We need to look at this. I believe that we are now already overloading
the useful set of meanings that one can attach to an IP address (somewhat
analogous to the presentation from Randy Bush at the plenary session on
DNS).

One can see actually, that some of the current issues to do with Mobility,
Multi-homing, NATs and the DNS are all related to an architectural
complexity that was never considered in the original architecting of the
Internet. (This is not a criticism, merely an observation based on a
view 20 years later). 

Cheers,
-- 
John Collis - Director Technology Development
IndraNet Technologies Ltd.
Email: john(_at_)indranet(_dot_)co(_dot_)nz
Web: http://www.indranet-technologies.com/


