On 15 feb 2008, at 23:49, Jonathan Rosenberg wrote:
> > So how far, exactly, are you prepared to bend over backwards and
> > crack the spine of the IP architecture to accommodate 0.01% or so
> > of its users? Not to mention the cost increases for all the extra
> > protocol layers and debugging that must be borne by the other
> > 99.99%?

> It's not for me or you to decide. The issue is, will the people who
> operate these networks decide that they want NAT. And then it is for
> IETF to decide about whether they would like to engineer protocols
> that actually work on the networks that those administrators have
> built.

A much better course of action is to agree on what is a reasonable use
of IP technology first so that everyone can build stuff that works
together from the start without undue cost or inconvenience, rather
than having to go through a large number of frustrating iterations
where new protocols can't be deployed because middleboxes don't let
them through and middlebox buyers are unhappy with their vendors
because the middlebox gets in the way of certain stuff.

> A big mistake was made in IPv4, where NAT was declared 'evil' and we
> didn't spend enough time defining it well. Now, it is wildly
> successful and a part of what the Internet is, and it is harder to
> deal with it. Had we done standards work up front and early, and
> defined exactly how NAT works, things would work much better.

Sure, but still much worse than without NAT. NAT IS evil in the sense
that it makes life a lot harder, that's not the question. The question
is whether it's a necessary evil. And that question is moot for IPv4
now, it's no longer possible to have a NAT-free IPv4 network. But it
IS possible to have a NAT-free IPv6 network, although the requirement
to change addresses often as external connectivity changes is deemed
problematic by some. A NAT that only addresses this issue (i.e.,
static 1-to-1 address mappings where internal and external addresses
have the same checksums so it's transparent to all protocols except
those that do referrals) might not be too evil, but an IPv4-style port
overloading NAT is even more evil in IPv6 because the workaround code
isn't there in IPv6, and it's not a necessary evil either, because
there is an abundance of address space in IPv6.

> And now, we face the same dilemma with IPv6. Do we continue to deny
> the possibility of IPv6 NAT? Do we decide NOT to standardize it?
> Have we not learned our lesson from the first time around?

What type of IPv6 NAT would you like to standardize?
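The static 1-to-1 mapping with matching checksums mentioned in the reply above, sketched as an added example that is not part of the original message. It assumes both prefixes are /48s and that the compensation is placed in the 16-bit subnet word; the function names and sample addresses are constructed for illustration.

```python
import ipaddress
import struct

def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum, the arithmetic behind TCP/UDP checksums."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def translate(addr: str, src_prefix: str, dst_prefix: str) -> str:
    """Swap one /48 for another and compensate in the 16-bit subnet word."""
    src = ipaddress.IPv6Network(src_prefix)
    dst = ipaddress.IPv6Network(dst_prefix)
    ip = ipaddress.IPv6Address(addr)
    if src.prefixlen != 48 or dst.prefixlen != 48 or ip not in src:
        raise ValueError("this sketch only maps between two /48 prefixes")
    words = list(struct.unpack("!8H", ip.packed))
    if words[3] == 0xFFFF:
        # 0x0000 and 0xFFFF are both zero in one's complement, so this
        # subnet could not be mapped back unambiguously.
        raise ValueError("subnet ffff cannot be translated reversibly")
    old_pfx = src.network_address.packed[:6]
    new_pfx = dst.network_address.packed[:6]
    words[:3] = struct.unpack("!3H", new_pfx)
    # Add back what the prefix swap removed, modulo 2**16 - 1.
    words[3] = (words[3] + ones_sum(old_pfx) - ones_sum(new_pfx)) % 0xFFFF
    return str(ipaddress.IPv6Address(struct.pack("!8H", *words)))

def udp_checksum(src: str, dst: str, segment: bytes) -> int:
    """UDP checksum over the IPv6 pseudo-header and an even-length segment."""
    pseudo = (ipaddress.IPv6Address(src).packed
              + ipaddress.IPv6Address(dst).packed
              + struct.pack("!IxxxB", len(segment), 17))  # 17 = UDP
    return (~ones_sum(pseudo + segment) & 0xFFFF) or 0xFFFF

if __name__ == "__main__":
    # Constructed sample: ULA and documentation prefixes, dummy datagram.
    inside, peer = "fd01:203:405:1::1234", "2001:db8:ffff::1"
    outside = translate(inside, "fd01:203:405::/48", "2001:db8:1::/48")
    segment = struct.pack("!HHHH", 40000, 53, 12, 0) + b"ping"
    print(outside)
    print(hex(udp_checksum(inside, peer, segment)),
          hex(udp_checksum(outside, peer, segment)))
```

The transport checksum computed with the internal address still verifies after translation, so no payload rewriting is needed; an address carried inside the payload as a referral is left untranslated.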