
Re: An idea: GxSE



At 03:22 PM 6/25/01, Iljitsch van Beijnum wrote:
>On Mon, 25 Jun 2001, Daniel Senie wrote:
>
> > >There are quite a few things we can do to improve NAT:
>
> > >- add a "NAT control protocol" so applications can instruct the NAT box to
> > >   enable/disable certain features and find out what their "real" address is
>
> > Please go read the RSIP documents.
>
>A pointer or the full name would be helpful.

Go read all the NAT stuff at:

http://www.ietf.org/html.charters/nat-charter.html

all of the documents are listed out there. The RSIP documents are, I 
believe, going to be published as Experimental. I'm not sure why they 
haven't already been published as such.


> > There are a LOT of problems with this,
> > not the least of which is there may be multiple layers of NAT between a
> > workstation and the global address space. It is quite problematic to deal
> > with these cases, and they ARE common.
>
>I'm very tempted to say that people with such a setup are asking for whatever
>problems they are getting... But I'm not.
>
>If NAT is ever to become a serious alternative to real connectivity, there is
>a lot to be done. If a control protocol makes things better for a lot of
>people, I think it's a good thing. Too bad for those who use setups that are
>even more complex. They should just keep doing things the way they are now.

There are many ISPs in the world who are using NAT to cover all their 
customers. Any customer who then needs to hook up more than one computer 
gets to do another level of NAT. Is this a bad idea? Sure. However, if RSIP 
or similar go forward, it will likely be in that environment. Will this 
happen again in the IPv6 world? Unclear. I suspect, though, that having NAT 
at multiple levels will not disappear.


> > And since NAT doesn't provide a reliable end-point address in some cases,
> > there's no way to put servers behind it. Or peer-to-peer networking
> > applications.
>
>Obviously that would be just about the first requirement for any serious
>multihoming alternative.

Agree.

>  I don't think it's worth the effort to think about
>outgoing-only multihoming.

Agree again. There are already products in the marketplace for IPv4 which 
handle outgoing-only multihoming without the involvement of upstream ISPs. 
These are useful products for those users who can live with the 
limitations, but not worth considering for multi6.
-----------------------------------------------------------------
Daniel Senie                                        dts@senie.com
Amaranth Networks Inc.                    http://www.amaranth.com