ietf

Re: NATs *ARE* evil!

2000-12-21 16:00:02


On Thu, 21 Dec 2000, Mike Fisk wrote:

Yes, I was being slightly more general to include other gateways that
don't necessarily operate at the application layer:  
TCP-splicing/spoofing, NAT, SOCKS, etc.

The problem is that the protocol mechanisms to discover and use these
gateways are piecemeal and inadequate.  That leads many of them to be
implemented "transparently" which breaks protocols that don't know there's
a gateway.

One way to let higher protocols transparently cross such gateways is described
both in Cheritan's Triad project and my I-D on addressless networking. The
         
  Thanks for citing the TRIAD project.  The principal investigator is
Prof. David Cheriton at Stanford.  For details, see
http://www-dsg.stanford.edu/triad/index.html.

Sam


cut is made just above the IP layer - Triad shows that higher protocols like
TCP can be made happy with pretending there's an IP address below. I more
specifically propose a 32b switch path termination - as long as the 32b number
serves to identify an e2e path, whether or not it is an e2e destination
address and/or transits gateways would be irrelevant to the e2e operability
of the TCP layer. In the limit of fine-granularity, NAT'ing becomes no
different from label switching, so what I'm suggesting is that we take the
bull by the horns once and for all and run MPLS over IP instead of under
it... That way, you'd obsolete NATs and SOCKS in the longish run, but that's
another story.


-p.




