nanog mailing list archives

Re: the alleged evils of NAT, was Rate of growth on IPv6 not fast enough?


From: Owen DeLong <owen () delong com>
Date: Tue, 27 Apr 2010 11:41:05 -0700


On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:

Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
 
Did you use Yahoo IM, AIM, or Skype?
     
Yes, yes, and yes.  Works fine.
   

What about every other service/protocol that users use today, and might be invented tomorrow?  Do & will they all work with NAT?
 

Anyone inventing a new service/protocol that doesn't work with NAT isn't planning on success.

Respectfully, I disagree.  There are many possible innovations that are available in a NAT-less world and it is 
desirable to get to that point rather than hamper future innovation with this obsolete baggage.

Do many others work as well or act reliably through NAT?
 
Yes.

In reality, it's more like some yes, some not so much.

Will it stop or hamper the innovation of new services on the
internet?
 
Hasn't so far.

Here I have to call BS... I know of a number of cases where it has.

The answer to these questions isn't a good one for users, so
as the community that are best placed to defend service quality
and innovation by preserving the end-to-end principle, it is our responsibility to defend it to the best of our 
ability.
 
Firewalls will always break the end-to-end principle, whether or not addresses are identical between the inside and 
outside or not.

Yes and no.  Firewalls will always break the idea of global universal end-to-end reachability.

They do not break the end-to-end principle except when NAT is involved.

The end-to-end principle is that the original layer 3+ information arrives at the layer 3 destination un-mangled by 
intermediate devices when it is a permitted type of traffic. Blocking unwanted flows does not break the end-to-end 
principle. Maiming and distorting data contained in the datagram, including the headers, on the other hand does break 
the end-to-end principle.

So get busy - v6 awareness, availability and abundancy are
overdue for our end users.
 
Maybe. Most of them are perfectly happy.

This word Most, it does not mean what you appear to think it means.

Owen


