[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The argument for writing a general purpose NAT for IPv6



On Apr 17, 2007, at 13:38, Gert Doering wrote:
I don't think this discussion can be used to conclude how "the IETF  
thinks" (but unfortunately, the IETF decision process is a bit on  
the slow side).
Are there any other ways to determine what the IETF thinks?  Are  
working group discussions *not* the formal record of IETF deliberations?
By the way, this discussion has forked in the BEHAVE working group,  
where we are talking about precisely what to do about the passive  
endpoint problem.  Apparently, there is still some unresolved  
controversy about the proper behavior of asymmetric packet filters.   
It remains non-controversial that asymmetric packet filters should  
and will be ubiquitous in the IPv6 internet.  The controversy is only  
about whether they should use endpoint-independent filtering or  
endpoint-dependent filtering.  In either case, we will still need  
ALG's and/or some kind of functional equivalent to UPnP IGD and NAT- 
PMP in IPv4/NAT.  Solutions of the STUN/ICE kind are of insufficient  
utility because they depend on 3rd-party nodes in the network to  
facilitate the signaling that allows endpoints to exploit the side  
effects in asymmetric packet filters.
My purpose in this thread of the V6OPS working group is constrained  
to raising the awareness within IETF about it potentially encouraging  
the development of NAT for IPv6 to solve some of the problems with  
the need to enhance stateful packet filters with application layer  
gateways.  That seems like something the V6OPS working group might  
want to be tracking.  So far, I haven't seen any compelling arguments  
not to move forward with my plans, but I've still got some time to  
argue it out.

--
j h woodyatt <jhw@apple.com>