On Tue, 2006-03-28 at 08:00 -0800, Hallam-Baker, Phillip wrote:
From: Kurt Erik Lindqvist [mailto:kurtis(_at_)kurtis(_dot_)pp(_dot_)se]
NAT is a dead end. If the Internet does not develop a way to obsolete
NAT, the Internet will die. It will gradually be replaced by networks
that are more-or-less IP based but which only run a small number of
applications, poorly, and expensively.
...or you will see an overlay network built on top of
NAT+IPv4 that abstracts the shortcomings away - aka what the
peer to peer networks are doing. End-to-end addressing...
Precisely. Just what is this fetish about keeping the IP address the same as
the packet travels?
It certainly doesn't have to be. As long as there is one global
identifier which is the same on the other side. A double NAT (thus
making sure the packet is 100% identical on the sending and receiving
side) with a signalling protocol in between is the solution for this.
And there is something already being worked on which does that: shim6.
If there is a way for the host to determine that it is behind a NAT and to
request external registration of necessary ports the whole process can be
made completely transparent to the hosts at each end.
You are thinking of UPNP (See http://www.upnp.org or read for instance
http://www.microsoft.com/windowsxp/using/setup/expert/crawford_02july22.mspx).
Which is already supported by Windows for some time and many "NAT boxes" (oh no, I
should say 'router' or 'firewall' according to them) vendors also nicely
implement it. But it is a kludge and a heavy one as all the applications using
it also have to support it and it is not always available and there are not too
many applications supporting it, let alone protocols. Next to that, when the
well known port on the outside IP is taken it won't work. Just like when there
are multiple levels of NAT, or there are no rights to control the UPNP process
at all.
IPv6 thus gives the advantage over UPNP that:
- it is clear and simple to all the applications who they are
talking to based on the source/destination IPv6 address
- same ideas as IPv4 and no kludges
- firewalling can remain the normal firewalling
- multiple tools can use the well-known ports as there are multiple IPs
- etc...
Another thing you might want to look at is Teredo (RFC4380), which
basically implements a p2p overlay network on top of IPv4, but using
IPv6 for addressing. (Funny eh that both Teredo and UPNP come out of the
MS stables, guess what these guys wanted to solve...)
Greets,
Jeroen
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
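
Teredo (RFC 4380), mentioned in the message above, carries the IPv4 endpoint inside the IPv6 address itself: the Teredo server address, a flags field, and the NAT-mapped port and address with their bits inverted. The decoder below is an added example, not part of the original message; the function names are hypothetical and the sample addresses are constructed from documentation ranges.

```python
import ipaddress
from typing import NamedTuple, Optional

TEREDO_PREFIX = ipaddress.IPv6Network("2001::/32")  # Teredo service prefix, RFC 4380
CONE_FLAG = 0x8000                                   # high-order bit of the flags field


class TeredoInfo(NamedTuple):
    server: ipaddress.IPv4Address       # Teredo server the client registered with
    cone_nat: bool                      # client reported itself behind a cone NAT
    mapped_port: int                    # UDP port on the outside of the NAT
    mapped_addr: ipaddress.IPv4Address  # IPv4 address on the outside of the NAT


def decode_teredo(text: str) -> Optional[TeredoInfo]:
    """Return the IPv4 details embedded in a Teredo address, or None otherwise."""
    try:
        addr = ipaddress.IPv6Address(text.strip())
    except ValueError:
        return None                     # not an IPv6 address at all
    if addr not in TEREDO_PREFIX:
        return None                     # native or other transition address
    raw = addr.packed                   # 16 bytes: prefix|server|flags|port|client
    flags = int.from_bytes(raw[8:10], "big")
    port = int.from_bytes(raw[10:12], "big") ^ 0xFFFF            # stored inverted
    client = int.from_bytes(raw[12:16], "big") ^ 0xFFFFFFFF      # stored inverted
    return TeredoInfo(ipaddress.IPv4Address(raw[4:8]), bool(flags & CONE_FLAG),
                      port, ipaddress.IPv4Address(client))


def encode_teredo(server: str, mapped_addr: str, mapped_port: int,
                  cone_nat: bool = False) -> str:
    """Build a Teredo address from its parts (used here to construct samples)."""
    raw = (TEREDO_PREFIX.network_address.packed[:4]
           + ipaddress.IPv4Address(server).packed
           + (CONE_FLAG if cone_nat else 0).to_bytes(2, "big")
           + (mapped_port ^ 0xFFFF).to_bytes(2, "big")
           + (int(ipaddress.IPv4Address(mapped_addr)) ^ 0xFFFFFFFF).to_bytes(4, "big"))
    return str(ipaddress.IPv6Address(raw))


if __name__ == "__main__":
    # Constructed source addresses as they might appear in a connection log.
    sample = [encode_teredo("192.0.2.1", "203.0.113.7", 40000), "2001:db8::1", "bogus"]
    for src in sample:
        print(src, "->", decode_teredo(src))
```

Run over the source addresses in a firewall or web log, this recovers the public IPv4 address and port behind each Teredo peer, which is what IPv4-based filtering and attribution need.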