Joris,
I'm not sure what your point is, but these email lists are solely for the
purpose of progressing the drafts of the NAT and IPNG working groups
respectively. If you have a comment on how you would change any outstanding
Internet Drafts, please let us know what those changes might be.
Specifically, it isn't (IMHO) useful to have discussions here about how you
assume people use NAT at home. I'm sure there is a better place outside the
IETF for such discussions.
At 08:56 PM 9/14/00 +0200, Joris Dobbelsteen wrote:
>I've read the drafts about NAT (finally),
>
>As Dan said, NAT will be used, what is not a problem if it's only - AND
>ONLY - used by home users that want to route there network to the Internet
>and have a simple (free) Internet account, that only provides one
>public/Internet IP address to them.
>
>Let's assume MOST (not all) home users won't make much use from all the
>security services that are provides, like IPSec (SSL, etc. with e.g. HTTPS
>is not a problem). They also don't have complex networks and only want to be
>able to use a web browser, send/receive e-mail and play a game on the
>Internet. Most of these services can be done over NAT, usually home users
>have only one network link, and a quite simple network.
>Actually, I like it on a home LAN, even with it's limitations....
>
>For better explanation, I mean with a Home LAN a network consisting of a
>single link with no routers, and (maybe) only one NAT router to the
>Internet.
>
>Businesses usually have more complex networks, require security services and
>things that don't work with NAT. For them NAT should be highly discouraged.
>
>However now the problem that arises, most computers will not be equipped
>with two network cards, where one is for the private network, and the other
>one for the Internet.
>Hope you understand what I mean???? Let me explain a bit better before you
>give comment (most likely needed)...
>
>
>Let's take the Microsoft Windows platform for example (e.g. Windows 98).
>This is the only platform where I have experience with IPv4 transports.
>
>Your computer is connected to a private network and has a private IP
>address. So why not add the public IP address to the same adapter to be used
>for the Internet connection?
>Well, Windows doesn't assign services (like file and printer sharing) to IP
>address, but to the Network adapter itself, regardless of any network
>protocol and it's configuration. This will mean everybody on the private
>network AND the Internet will access your computer using the MS File and
>Printer Sharing! This is only one service where the problem arises...
>
>And why can't we install an additional Network Adapter?
>This solution is not cost-efficient: It will require around $100 for every
>computer that needs a connection to the Internet, and not counting the cost
>for the UTP hubs needed.
>
>
>The solution to this problem is probably VPN, (IP-over-IP) tunneling or
>something similar. Maybe there are other solutions, but I'm not familiar
>with them or don't know of there existence.
>Maybe that software implementers can provide a virtual device driver that
>simulates a network adapter connected to the Internet and has IP tunneling.
>But I leave this discussion to the software implementers.
>
>
>Before I forget, some of you talked about Interface-local, link-local and
>site-local IPv6 address, but these cannot be used on the Internet, nor
>routed to the Internet without the translation that is subjected to retire
>after IPv6 (just like the private IPv4 addresses).
>
>
>
>
>- Joris
>
>
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Greg Maxwell
> > Sent: donderdag 14 september 2000 0:32
> > To: Dan Lanciani
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: (NAT) IPv6 and NAT
> >
> >
> > On Wed, 13 Sep 2000, Dan Lanciani wrote:
> >
> > [snip]
> > > discourage them from consuming it all. Offer the v6 space
> > on the terms that v4
> > > space was once available (i.e., free with nominal
> > justification documentation)
> > > and I'm sure people will use it.
> > [snip]
> > > The same argument applies to NAT. If ISPs make it
> > expensive to get extra v6
> > > addresses (based on the justification that addresses used
> > to be scarce?) then
> > > people will use NAT with IPv6. If ISPs make "stable" v6
> > addresses (i.e., ones
> > > that they do not deliberately renumber frequently) a
> > premium service then
> > > people will use NAT.
> >
> > Simple. Require that any group providing packet transport services (an
> > ISP) to provide address space to their users under the same set of
> > qualifications required for the provider to obtain address space at a
> > maximum.
> >
> > This would be enforced by making compliance mandatory for
> > address space
> > allocations (thus making the requirement recursive (i.e users
> > of user of
> > users).
> >
> > This would not effect a providers ability to otherwise sell transport
> > services under whatever contract their customers and they agree opon.
> >
> > It would also simplify justification documentation for providers, just
> > concatenate their user's justification documents with their
> > own to form
> > their application.
> >
> > I believe this is the only way to break the idea that network
> > addresses
> > are a valuable commodity and to prevent NAT.
> >
> > > Although the standard claim is that NAT breaks the end-
> > > to-end model we all like (and note that I have personally
> > never liked NAT),
> > > NAT shines at preserving the stable-address model that is
> > deeply embedded in
> > > many protocols and applications. NAT has already proved
> > itself: many useful
> > > applications work just fine in spite of the loss of the
> > end-to-end model.
> >
> > NAT is abominable. It subtlety breaks things and hides the
> > cause. It is
> > full of exceptions and gotchas.
> >
> > One layer of NAT can be manageable when the network is small
> > and has only
> > a single outside path.
> >
> > However, as networks become large and better innerconnected, peering
> > address conflicts on NATed networks necessitate multiple layers of NAT
> > causing a complicated 'WHO's on first?' situation. Furthermore, the
> > statefulness required by many->one NAT (and one-one for some
> > protocols)
> > makes many types of highly-available configuration virtually
> > impossible to
> > achieve. Indeed, virtually all NAT solutions force there to
> > be a single
> > point of failure or a single site of failure.
> >
> > NAT is a descent into madness.
> >
> > > I happen to think that ISPs will charge a premium for
> > multiple and/or stable
> > > v6 addresses because that is the status quo and because the
> > market will bear
> > > it.
> >
> > I agree unless they are required not to practice this harmful
> > activity.
> >
> > The legally required goal of a corporation is to maxmize shareholder
> > profits. This goal may at times conflict with the goal of providing a
> > global, scalable, available, and optimally useful network
> > infrastructure.
> >
> > Indeed, a heavily NATed internet enviroment would create many
> > additional
> > network contracting and consulting jobs.
> >
> > > Thus, I suspect that NAT will remain quite active if/when
> > IPv6 is deployed.
> >
> > If it does IPv6 will fail.
> > An IPv6 NATatopia would offer no benifit to consumers or
> > providers over an
> > IPv4 NATatopia.
> >
> > > I think this is unfortunate--again, I'm no fan of NAT--but
> > it's probably too
> > > late to do anything. While it certainly would have been
> > possible to structure
> > > IPv6 in such a way that end users could allocate identity
> > addresses independent
> > [snip]
> >
> > > So the market pressures will continue to operate in an IPv6
> > environment just as
> > > they have in the IPv4 one. All IMHO, of course...
> >
> > I think the solution is obvious: If a detrimental behavior is expected
> > then simply forbid it.
> >
> > There is no point to being wishey-washey. Progress is not made by
> > the mediocre.
> >
> > Gregory Maxwell
> >
> > --
> > The comments and opinions expressed herein are those of the
> > author of this
> > message and may not reflect the policies of the Martin County Board of
> > County Commissioners.
> >
> >
> > --------------------------------------------------------------------
> > IETF IPng Working Group Mailing List
> > IPng Home Page: http://playground.sun.com/ipng
> > FTP archive: ftp://playground.sun.com/pub/ipng
> > Direct all administrative requests to [EMAIL PROTECTED]
> > --------------------------------------------------------------------
> >
>
>-
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe nat' in the body of the message.
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
