
Re: Site local



The problem with NAT is not that the addresses in the IP header are
changed. The problem with NAT is that you're not talking to who you
think you are talking to. And if you don't know, you can't tell someone
else, so it becomes impossible to set up new connections in a different
way than from the same source to the same destination as the current
session. So this breaks pretty much everything except stuff that follows
a simple client/server model.
It even breaks that. See SIP through NAT. See IPsec through NAT, etc.

In an identifier/locator system, the endpoints are always aware of the
identifiers. Since such a system isn't here yet, we can make this a very
hard requirement. Changing the locators around is then no longer an
issue.

I am still worried about some of the application protocols, but I am not an applications guy. So I still think we should get this run through the applications area.

- kurtis -