ietf

Re: Number of Firewall/NAT Users

2001-01-23 21:10:02


Keith Moore wrote:

But you missed the point I was trying to make. In those days, the inability
of the mail network (or at least parts of it) to support a single global
address space was correctly recognized as a deficiency in the network -
and people took action to solve the problem (notably deploying MX records).

Which broke DNS.  We can no longer send an email to an IP number, mainly
due to this myopic choice.  This choice also broke layer independency.

What the heck are you talking about?  Sending email to an IP address never
was deprecated, and still works just fine...

Perhaps we agree that DNS names depend on IP numbers as part of their trusted
context, but IP numbers do not depend on DNS names.

However, certain design choices in the evolution of the DNS,
since long ago, have made users fully dependent on the DNS for
certain critical Internet services -- which choices further
strengthened the position of DNS name registration as the single
handle of information control in the Internet.  And, in a
reverse argument, its single point of failure.

Indeed, the DNS was never intended to be essential to the
Internet, since all Internet hosts are accessible by their
IP numbers alone -- however, those engineering choices in the
design of the resource records and various e-mail protocols make
it nowadays impossible for an average user to send or receive
e-mail in the Internet without a DNS service.  In short, DNS names
have become the addresses of mailboxes and the addresses of
e-mail forwarders in MX resource records.  Or, you are required to
have a matching reverse DNS that you do not have. Which is
another misplaced requirement, since why should you trust a second
query to a system you do not trust in the first place? This is also
relevant in terms of failure and control analysis because e-mail is,
by far, the most important application on the Internet for many users.

Thus, contrary to usual folklore in the Internet, the DNS is
nowadays essential to Internet usage -- as anyone can verify
simply by trying to send an email to an IP number.

Further, by placing the decisions of network address assignment
(IP numbers) together with DNS matters under the ruling of one
private policy-setting company (ICANN), we see another example
of uniting and making all depend on what is, by design, separate.
The needs of network traffic (IP) are independent of the needs
of user services (DNS). They also serve different goals, and
different customers. One is a pre-defined address space which
can be bulk-assigned and even bulk-owned (you may own the right to
use one IP, but not the right to a particular IP), the other is
a much larger and open-ended name space which cannot be either
bulk-assigned or bulk-owned. They do not belong together.

BTW, these were all decisions that the IETF helped put in place.
But, are they helpful?  I don't think so and I suggest you question
yourself based on what we see today.  While they may seem difficult
to change (ICANN?), at least they may show us what not to repeat
with IPv6 for example -- the syndrome of seeking a global solution to
local problems.


It is time IMO for some at the IETF to stop pretending that the Internet
can be made into a homogeneous network.

The Internet never has been homogeneous, and I don't know anyone who
has been around IETF very long who pretends that it is.  It has always,
however, had some minimum standards for addressing and message format
which not only allowed consenting folks to choose whatever other
protocols and applications they wanted to run, but also allowed the
same host and application software to be reused from anywhere in the
network, and to reach well-known services from anywhere in the network.

Yes.

But take away that little bit of uniformity - really the minimum necessary -
and all bets are off.  People who use NATs - especially those using them
on a large scale - are discovering this the hard way.

This is where we disagree. These people are having the best time and making
the most out of *their* networks.  They would be worse without NATs.

Cooperation is not a bunch of people doing the same things at the same
time, but different people doing different things at different times and
places, for the same objective. Likewise, standardization is not
having the same rules for all at all places but having different rules that
interoperate for the same objective.

The whole point of the Internet has always been to allow folks to run
any of a wide variety of networked applications they wanted to run.

Not only applications, but also protocols.

IP is fundamentally designed to give the maximum utility and flexibility
with a minimum of constraints on the networks and hosts supporting it.

Yes, but why constrain it to IPv6?  It can -- and should -- interoperate with
IPv4.  And NATs may help there as well, not just with IPv4.

By contrast, while folks can clearly do whatever they like with their
own networks, folks that put NATs on their networks are limiting the
set of applications that they can run.

Not applications -- they may be limiting the set of addresses they are using
for sending and receiving.  Which might be the whole idea ;-)

Now maybe you're right that
the existence of NATs is just another example of people doing what
they like with their networks - just as they always have.  Maybe NATs
are the Internet's adolescence.  But just like adolescents don't always
understand the consequences of their actions, neither do the folks who
install NATs on their networks.

Well... you kiddies just do not know what we are doing... you need adult
supervision.  Well, who names the adults? Who supervises the adults?


IETF cannot compel people to stop using NATs, and it shouldn't try.
But it can and should develop solutions to the problems that NATs
purport to solve, which work better than NAT.

Yes, that is good.  But, I suggest, there are problems which NATs solve
that you cannot solve otherwise ... unless you again advocate a homogeneous
Internet.

Cheers,

Ed Gerck
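The dispute above turns on what an SMTP client does with the domain part of a recipient address. The following is an added example, not part of either Ed Gerck's or Keith Moore's messages, showing the next-hop selection rules of RFC 5321 section 5.1 in Python: a domain literal such as `user@[192.0.2.1]` (RFC 5321 section 4.1.3) needs no DNS at all, a domain with MX records is resolved through them in preference order, and a domain with no MX records is treated as its own mail exchanger ("implicit MX") and resolved via A/AAAA. The zone data, host names and the `fake_resolve` stub are constructed for the example and stand in for a real resolver; the query counter makes the degree of DNS dependence visible for each kind of recipient.

```python
"""Next-hop selection for an SMTP client, following RFC 5321 section 5.1.

Added example; the zone data and host names below are constructed for
illustration and are not real infrastructure."""
import re
from typing import Callable, Dict, List, Tuple

# Constructed in-memory zone standing in for the DNS (assumption: no real
# resolver is consulted).  Keys are (owner name, RR type).
FAKE_ZONE: Dict[Tuple[str, str], list] = {
    ("example.org", "MX"): [(10, "mx1.example.org"), (20, "mx2.example.org")],
    ("mx1.example.org", "A"): ["192.0.2.10"],
    ("mx2.example.org", "A"): ["192.0.2.20"],
    ("nomx.example.net", "A"): ["198.51.100.5"],  # no MX: implicit MX applies
    ("nullmx.example.com", "MX"): [(0, ".")],     # "null MX" (RFC 7505): no mail
}


def fake_resolve(name: str, rrtype: str) -> list:
    """Stand-in resolver: returns the constructed records, or [] for NODATA."""
    return list(FAKE_ZONE.get((name.lower(), rrtype), []))


# Address-literal forms from RFC 5321 section 4.1.3.
IPV4_LITERAL = re.compile(r"^\[(\d{1,3}(?:\.\d{1,3}){3})\]$")
IPV6_LITERAL = re.compile(r"^\[IPv6:([0-9A-Fa-f:.]+)\]$")


def plan_delivery(recipient: str,
                  resolve: Callable[[str, str], list] = fake_resolve) -> dict:
    """Return {"targets": [...], "dns_queries": n}: the ordered addresses an
    SMTP client would connect to for `recipient`, and how many DNS lookups
    it had to make to find them."""
    local, sep, domain = recipient.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("recipient must be local-part@domain")

    m = IPV4_LITERAL.match(domain) or IPV6_LITERAL.match(domain)
    if m:
        # Address literal: the domain part *is* the address, so the DNS
        # is not consulted at all.
        return {"targets": [m.group(1)], "dns_queries": 0}

    queries = 0

    def lookup(name: str, rrtype: str) -> list:
        nonlocal queries
        queries += 1
        return resolve(name, rrtype)

    mx = lookup(domain, "MX")
    if mx:
        if len(mx) == 1 and mx[0][1] == ".":
            # Null MX: the domain declares that it accepts no mail.
            return {"targets": [], "dns_queries": queries}
        # Lowest preference value is tried first (RFC 5321 section 5.1).
        hosts = [host for _, host in sorted(mx, key=lambda rr: rr[0])]
    else:
        # No MX records: treat the domain as its own mail exchanger
        # ("implicit MX") and fall through to address lookup.
        hosts = [domain]

    targets: List[str] = []
    for host in hosts:
        targets.extend(lookup(host, "A"))
        targets.extend(lookup(host, "AAAA"))
    return {"targets": targets, "dns_queries": queries}


if __name__ == "__main__":
    for rcpt in ("alice@[192.0.2.1]", "bob@example.org",
                 "carol@nomx.example.net", "dave@nullmx.example.com"):
        print(rcpt, plan_delivery(rcpt))
```

The literal form is what the protocol permits; whether a given receiving MTA accepts mail whose envelope or headers use it, or insists on a matching reverse lookup of the connecting address as the message above describes, is local policy and is not modelled here.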