[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: An idea: GxSE
At 11:01 AM 6/25/01, Iljitsch van Beijnum wrote:
>There are quite a few things we can do to improve NAT:
>
>- make it stateless so there is no longer a single point of failure and
> scalability is improved
This is not necessarily a stumbling block for NAT. There are many NAT
implementations out there which handle redundancy through the use of
duplicate, cooperative hardware, just as well as the web load balancers
which can't be a single point of failure. There are also some which handle
multi-homing without the use of BGP by using address blocks from separate
links and managing load and failover.
>- add a "NAT control protocol" so applications can instruct the NAT box to
> enable/disable certain features and find out what their "real" address is
Please go read the RSIP documents. There are a LOT of problems with this,
not the least of which is there may be multiple layers of NAT between a
workstation and the global address space. It is quite problematic to deal
with these cases, and they ARE common.
>There is one thing that NAT has going for it that will kind of break in GxSE:
>the hosts don't need to do or know anything special. But both the host and
>the router have to support GxSE. Obviously, when every host runs GxSE this is
>no longer a problem, but this is not something that is going to happen any
>time soon.
And since NAT doesn't provide a reliable end-point address in some cases,
there's no way to put servers behind it. Or peer-to-peer neworking
applications.
-----------------------------------------------------------------
Daniel Senie dts@senie.com
Amaranth Networks Inc. http://www.amaranth.com