
RE: IPv6 NAT?

2008-02-18 11:11:04
 

-----Original Message-----
From: Rémi Després [mailto:remi(_dot_)despres(_at_)orange(_dot_)fr] 
Sent: Monday, February 18, 2008 5:46 AM
To: Dan Wing
Cc: 'Paul Francis'; 'Dan York'; 'Rémi Després'; ietf(_at_)ietf(_dot_)org
Subject: Re: IPv6 NAT?

Dan Wing wrote:
Such 1-for-1 address rewriting does not provide the topology 
hiding that many people seem to like of their existing NAPT
devices, nor does such 1-for-1 address rewriting obscure the
number of hosts behind the NAT.  Such obscuring can be useful
for certain businesses (there are, today, small ISPs in certain
countries that do not want their country's PTT to know the
ISP's actual market share, for fear tariffs or advertising to
compete with the small ISP will be increased).
  
Note that the approach proposed in an earlier e-mail (and quoted 
below) provides the "topology and number of hosts obscuring" 
you discuss.
It does it without any NAT in the middle.

""If a client host takes a new randomly chosen
"privacy IID" for each of its outgoing connections: (1) its address and
its chosen port will keep their E2E significance; (2) no one will know
where it is in its site; (3) any attempt to call such an address will
fail; (4) the host will easily clean up its state when it knows a
connection is finished, or when it resets, or when its power is turned
off; (5) no stateful logic is needed in any intermediate box; (6)
intermediate boxes are not concerned with protocols used (UDP, TCP,
SCTP...).""

Sounds like RFC4941.

I do not believe today's application developers are comfortable
with determining if and when their application needs to perform
the functions of RFC4941.

-d

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
http://www.ietf.org/mailman/listinfo/ietf
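
An added illustration, not part of either message: a sketch of the per-connection "privacy IID" idea quoted above, showing that a remote observer logging source addresses sees the same picture for one host as for several. It draws IIDs from a CSPRNG rather than RFC 4941's MD5 history scheme; the prefix is the documentation range and the function names are made up for this example.

```python
import ipaddress
import secrets

# RFC 5453 reserved IIDs: all zeros (subnet-router anycast) and the
# reserved subnet anycast range fdff:ffff:ffff:ff80 to fdff:ffff:ffff:ffff.
ANYCAST_LO = 0xFDFFFFFFFFFFFF80
ANYCAST_HI = 0xFDFFFFFFFFFFFFFF
U_BIT = 1 << 57  # "bit 6" of the IID, counting the leftmost bit as 0


def random_iid(rand64=None):
    """Return a random 64-bit IID, u bit cleared, reserved values rejected."""
    draw = rand64 or (lambda: secrets.randbits(64))
    while True:
        iid = draw() & ~U_BIT
        if iid != 0 and not (ANYCAST_LO <= iid <= ANYCAST_HI):
            return iid


def connection_source(prefix, rand64=None):
    """Source address for one outgoing connection inside a /64 (assumed size)."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | random_iid(rand64))


def observer_view(sources):
    """What a remote party can count from the source addresses it logged."""
    prefixes = {ipaddress.IPv6Network((a, 64), strict=False) for a in sources}
    return {"addresses": len(set(sources)), "prefixes": len(prefixes)}


def simulate(prefix, hosts, conns_per_host):
    """Every connection gets a fresh address, whichever host opened it."""
    return [connection_source(prefix) for _ in range(hosts * conns_per_host)]


if __name__ == "__main__":
    site = "2001:db8:1:2::/64"  # constructed sample prefix
    print(observer_view(simulate(site, 1, 12)))  # one host, 12 connections
    print(observer_view(simulate(site, 4, 3)))   # four hosts, 3 each
```

Both runs report twelve addresses in one /64, so the address log alone does not reveal the host count; anything keyed on a full source address (ACLs, rate limits, log correlation) has to work at the prefix level instead.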
