In message <[EMAIL PROTECTED]>, Daniel Senie
writes:
>At 06:00 PM 9/6/2005, you wrote:
>> >> The IETF has been doing extensive work on NAT traversal, have a look
>> >> and see if you can reuse some existing mechanism.
>>
>> > All mechanisms used with the possible exception of an additional SNMP
>> > table will be re-used from existing IETF work (mostly SSH with help
>> > from the fact that it's based on TCP).
>>
>>Perhaps then it's time we consider mandating a "NAT-Traversal" section to
>>standards track documents much like IANA and Security considerations have
>>become commonplace to this day. Anything that's not covered by the BEHAVE
>>work already done should be covered there, as the IETF seems to have indeed
>>accepted the proliferation and widespread acceptance of NAT functionality.
>
>Actually, a "Firewall Considerations" section would make sense. That
>section might indeed be a good place to discuss NAT issues, if any,
>but firewall interactions with protocols exist in many cases where
>NAT is in use. Though many have expressed their hope that NAT does
>not persist in the IPv6 world, there should be no doubt in anyone's
>mind that firewalls will be with us permanently.
>
Indeed. In Hal Burch's dissertation, he concluded that
at least 93% of hosts attached to the Internet are behind
a filtering device of some type. Because this excludes hosts
behind firewalls that block all incoming connection attempts,
the true percentage is even higher than 93%. Clearly,
firewalls are an important consideration when designing
protocols and developing models for the Internet.
More of his measurements concluded that at least 56% of hosts are
behind a firewall that blocks by default.
_______________________________________________
Ietf mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/ietf