
Re: ISMS working group and charter problems

2005-09-06 15:29:37
In message <6(_dot_)2(_dot_)3(_dot_)4(_dot_)2(_dot_)20050906181309(_dot_)07350830(_at_)mail(_dot_)amaranth(_dot_)net>, Daniel Senie writes:
At 06:00 PM 9/6/2005, you wrote:
The IETF has been doing extensive work on NAT traversal, have a look
and see if you can reuse some existing mechanism.

All mechanisms used with the possible exception of an additional SNMP
table will be re-used from existing IETF work (mostly SSH with help
from the fact that it's based on TCP).

Perhaps then it's time we consider mandating a "NAT-Traversal" section to
standards track documents much like IANA and Security considerations have
become commonplace to this day. Anything that's not covered by the BEHAVE
work already done should be covered there, as the IETF seems to have indeed
accepted the proliferation and widespread acceptance of NAT functionality.

Actually, a "Firewall Considerations" section would make sense. That 
section might indeed be a good place to discuss NAT issues, if any, 
but firewall interactions with protocols exist in many cases where 
NAT is in use. Though many have expressed their hope that NAT does 
not persist in the IPv6 world, there should be no doubt in anyone's 
mind that firewalls will be with us permanently. 


Indeed.  In Hal Burch's dissertation, he concluded that 

        at least 93% of hosts attached to the Internet are behind
        a filtering device of some type. Because this excludes hosts
        behind firewalls that block all incoming connection attempts,
        the true percentage is even higher than 93%. Clearly,
        firewalls are an important consideration when designing
        protocols and developing models for the Internet.

More of his measurements concluded that at least 56% of hosts are
behind a firewall that blocks by default.

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf