border devices [was Re: Draft of updated WG charter]

[Brian E Carpenter <brc@zurich.ibm.com>]

Vijay,

We are not designing for an IPv6 network already ruined by NATs.

It is true that firewalls will still exist, but any IPv6 firewall
will have to deal with multiple addresses per host in any case.

   Brian

vijay gill wrote:
> 
> On Fri, Jan 09, 2004 at 08:58:18AM -0500, Noel Chiappa wrote:
> 
> > If the WG as a whole agrees with you (and this is an important point to nail
> > down - my guess would be that they do not), then you've basically eliminated
> > all solutions to the problem other than recycling Mobile-IPv6 mechanisms
> > (since the charter rules out "let the routing do it", which means it has to
> > be done via use of multiple addresses).
> >
> > I'm curious as to why you want to rule out any changes to the end-hosts. I
> > note that Mobile-IPv6 didn't restrict themselves in this way.
> 
> Significant amount of users that are multihomed have a setup that
> accepts defaults from two providers, and anounces their blocks to
> both upstreams. They receive no more information than the fact
> that their connection is up. No routing tables, no prefixes, just
> a quadzero.
> 
> (users defined as an enterprise, not the invididual computer user
> obviously)
> 
> The end user system is often nat'd, and run through a stateful
> firewall and all the information _they_ have is an ip address
> of the gateway via dhcp.
> 
> Any end-host updating solution must work through this gobbledegook.
> 
> /vijay

-- 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Brian E Carpenter 
Distinguished Engineer, Internet Standards & Technology, IBM 

NEW ADDRESS <brc@zurich.ibm.com> PLEASE UPDATE ADDRESS BOOK