W3C home > Mailing lists > Public > ietf-discuss@w3.org > December 2002

Re: Application protocols and Address Translation

From: Brian E Carpenter <brian@hursley.ibm.com>
Date: Mon, 02 Dec 2002 15:03:56 +0100
Message-Id: <3DEB684C.BF131A84@hursley.ibm.com>
To: Patrik Fltstrm <paf@cisco.com>
Cc: discuss@apps.ietf.org

Patrik,

One of the problems here is that whatever we do in the addressing
architecture, somebody can come along and sell a NAT-v6 box with
the same misleading arguments that we hear for NAT-v4, apart from
one (shortage of address space). 

So the real challenge is: how can we make it more attractive to
*not* buy a NAT box than to buy one. I believe that should be the
focus of applications people.

    Brian

Patrik Fltstrm wrote:
> 
> You might be aware of the discussions in the IPv6 working groups in the
> IETF. They talk over and over again about (a) transition from IPv4 to
> IPv6 (b) addressing mechanisms in IPv6.
> 
> It is time Applications Area give some major input into that discussion.
> 
> Several of you are working very hard within these working groups, and I
> thank you for your hard work. I do though think we need some
> coordinated action.
> 
>  From my point of view, address translation in the IP layer is a VERY
> BAD THING from an application perspective. It means two end nodes can
> not open direct connection to each other. This is something very
> different from firewalls which are there to block some traffic due to
> some policy someone want to apply on the path.
> 
> But, if the policy on a path is such that certain traffic is ok, then
> that traffic should be able to pass through using globally unique IP
> addresses.
> 
> Yes, in IPv4 land we have NAT all over the place. When doing IPv4 and
> IPv6, we will have NAT-like things all over the place.
> 
> My number one argument for moving to IPv6 is that we have enough
> addresses to have unique addresses on every device, so NAT will not be
> needed in v6 only land.
> 
> In the addressing architecture there is something called "Site Local",
> which one can claim (in a naive way) that they are like RFC 1918
> addresses. "Not to be used on the global Internet". The arguments for
> using those is that sometime one is not connected to the global
> Internet. My problem is that that was the fact with RFC 1918 addresses
> as well, but see what we have today! People connect these networks, but
> apply a NAT box between the RFC 1918 network and the Internet.
> 
> What I want to see is that the wording and design of the Site Local
> addressing should be such that NAT boxes is a bad thing. Even better, I
> want an addressing scheme which makes "RFC-1918-like" addresses
> non-existing in IPv6.
> 
> Now, yes, I am one of the two Area Directors for Applications Area. And
> I have this very strong view.
> 
> I now hand over the work to you. I need to know if I have a different
> view than "applications area".
> 
> What I want to have is a common view of the Applications people in the
> IETF on these "RFC 1918-like" addressing schemes.
> 
> Are they ok?
> When and why?
> What can they be used for?
> What is they not good for?
> 
> I would like to have an I-D talking about these issues, from an
> application layer perspective.
> 
> Any takers on being the editor on a document like this?
> 
>       Patrik
Received on Monday, 2 December 2002 09:05:35 EST

This archive was generated by hypermail pre-2.1.9 : Tuesday, 24 February 2004 19:46:22 EST