> Firewalls don't get upgraded to support SCTP and DCCP because > applications are all limping along with TCP and UDP. Egg: > meet chicken.
Sounds like a good area for standardization so that this state of affairs is not carried forward into IPv6. And especially, if there is a standard way for upstream gateways with stateful filtering to talk to end hosts with stateful filtering, then the two of them can agree to divide the work such that the DCCP-related code runs on the end host. > If NAT between PA and ULA-C unicast addresses solves a > problem for somebody, without breaking anything important > that isn't already broken by something else we've already > done, then why shouldn't we be pragmatic and define a mostly > sensible way for them to do it? No. End hosts that need to communicate on the Internet should have globally unique IPv6 addresses end-to-end. ULA is for end hosts that do not need to communicate beyond the boundaries of an administrative domain. And since IPv6 allows multiple addresses per end-host, those hosts who need to be schizophrenic can use both ULA and globally unique addresses. Network Address Translation does not seem to offer anything new here. --Michael Dillon -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
