
Re: US DoD and IPv6

2010-10-08 17:44:18
[Replying to John, Steve, others]


This might sound like a completely off-the-wall suggestion. But is it
possible that we could use an IPv4 extension header to carry the internal
address of a NAT-ed host in some way and thus preserve end-to-end
addressability?

Assume for the sake of argument that we have a secure DNS deployed and that
this scheme makes it efficient to publish policy records for protocols. [I
have a detailed justification for why this is possible]. Such that when a
client attempts to connect to the http protocol for www.example.com it is
going to receive back a DNS record chain from its resolver that includes:

www.example.com    A       18.1.1.1
                   AA      18.1.1.1.10.1.0.0
_http._tcp         ESRV    "IP=a+aa+aaaa"


If the application is going to use the AA record it has to have an IPv4.1
stack. This causes it to emit IPv4 packets where the first four bytes are
sent in the IPv4 header and the remaining four bytes are sent as a header
option.

The NAT box at 18.1.1.1 now has all the information it requires to allow
complete transparency in either direction.

Clients can connect to a server behind a NAT box provided only that they
have a current IP stack.


I can even provide a pretty good solution to Brian's mobility/referral
problem. Say that there are 256 points of presence, each of which has a
distinct IPv4 address. All we need to do is to tell the mobile device when
to change its Internet point of presence address. The target need not know
that the gateway has been changed.


Of course one objection that would be made against this is likely to be that
it solves the problem a bit too well and eliminates the need for IPv6
entirely. The other objection is going to be that we are now so far into the
deployment of IPv6 that 'it is too late to change'.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
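
The packet layout described in the message above, as an added example that is not part of the original post: the first four octets of the AA address go in the IPv4 destination field and the last four in a header option, which the NAT side reads back. The option type 158 (an experimental value), the function names and the source address are assumptions; the post defines no wire format.

```python
import socket
import struct

AA_OPTION = 158  # assumption: experimental option type; the post defines none

def split_aa(aa):
    """'18.1.1.1.10.1.0.0' -> (outer 4 bytes for the header, inner 4 bytes for the option)."""
    octets = aa.split(".")
    if len(octets) != 8:
        raise ValueError("AA record must have eight octets")
    return (socket.inet_aton(".".join(octets[:4])),
            socket.inet_aton(".".join(octets[4:])))

def checksum(header):
    """Standard IPv4 one's-complement header checksum."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src, aa, payload_len=0, proto=socket.IPPROTO_TCP):
    """Client side: IPv4 header whose option carries the NAT-internal address."""
    outer, inner = split_aa(aa)
    options = bytes([AA_OPTION, 6]) + inner + b"\x00\x00"  # type, len, value, EOL + pad
    ihl = (20 + len(options)) // 4
    def pack(csum):
        return struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len,
                           0, 0, 64, proto, csum, socket.inet_aton(src), outer) + options
    return pack(checksum(pack(0)))

def inner_destination(packet):
    """NAT side: return (outer, inner) destination; inner is None without the option."""
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("truncated or invalid IPv4 header")
    outer, inner, i = socket.inet_ntoa(packet[16:20]), None, 20
    while i < ihl:
        kind = packet[i]
        if kind == 0:      # End of Option List
            break
        if kind == 1:      # No-Operation, single byte
            i += 1
            continue
        if i + 1 >= ihl or packet[i + 1] < 2 or i + packet[i + 1] > ihl:
            raise ValueError("malformed option length")
        if kind == AA_OPTION and packet[i + 1] == 6:
            inner = socket.inet_ntoa(packet[i + 2:i + 6])
        i += packet[i + 1]
    return outer, inner
```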