Application protocols and Address Translation from Patrik Fältström on 2002-12-01 (ietf-discuss@w3.org from December 2002)

From: Patrik Fältström <paf@cisco.com>
Date: Sun, 1 Dec 2002 14:01:22 +0100
To: discuss@apps.ietf.org
Message-Id: <FDAE6233-052C-11D7-A024-0003934B2128@cisco.com>

You might be aware of the discussions in the IPv6 working groups in the 
IETF. They talk over and over again about (a) transition from IPv4 to 
IPv6 (b) addressing mechanisms in IPv6.

It is time Applications Area give some major input into that discussion.

Several of you are working very hard within these working groups, and I 
thank you for your hard work. I do though think we need some 
coordinated action.

 From my point of view, address translation in the IP layer is a VERY 
BAD THING from an application perspective. It means two end nodes can 
not open direct connection to each other. This is something very 
different from firewalls which are there to block some traffic due to 
some policy someone want to apply on the path.

But, if the policy on a path is such that certain traffic is ok, then 
that traffic should be able to pass through using globally unique IP 
addresses.

Yes, in IPv4 land we have NAT all over the place. When doing IPv4 and 
IPv6, we will have NAT-like things all over the place.

My number one argument for moving to IPv6 is that we have enough 
addresses to have unique addresses on every device, so NAT will not be 
needed in v6 only land.

In the addressing architecture there is something called "Site Local", 
which one can claim (in a naive way) that they are like RFC 1918 
addresses. "Not to be used on the global Internet". The arguments for 
using those is that sometime one is not connected to the global 
Internet. My problem is that that was the fact with RFC 1918 addresses 
as well, but see what we have today! People connect these networks, but 
apply a NAT box between the RFC 1918 network and the Internet.

What I want to see is that the wording and design of the Site Local 
addressing should be such that NAT boxes is a bad thing. Even better, I 
want an addressing scheme which makes "RFC-1918-like" addresses 
non-existing in IPv6.


Now, yes, I am one of the two Area Directors for Applications Area. And 
I have this very strong view.

I now hand over the work to you. I need to know if I have a different 
view than "applications area".

What I want to have is a common view of the Applications people in the 
IETF on these "RFC 1918-like" addressing schemes.

Are they ok?
When and why?
What can they be used for?
What is they not good for?

I would like to have an I-D talking about these issues, from an 
application layer perspective.

Any takers on being the editor on a document like this?

      Patrik

Received on Sunday, 1 December 2002 08:02:05 UTC