On Mar 20, 2009, at 13:23, Keith Moore emitted:
Internet nodes should be e2e reachable unless there is explicit policy to the contrary from an enterprise network where the traffic originates or terminates.
RFC 4864 also recommends that unmanaged residential networks have gateways that enforce such policies by default in the absence of explicit user intervention to turn it off. That's not the only documentation of IETF consensus on the subject, but it's the one that burns for me.
It's been years since I was pilloried [NB: not in IETF] for suggesting that the recommendation of residential firewalls by default in RFC 4864 should be reconsidered before the draft's final publication. Not very many IETF participants came to my defense, much to my surprise and dismay. (Itojun was among the few who honored me with support, and I miss him sorely now.)
I think the consensus is clear: IETF and IAB have capitulated on end-to-end reachability, and the conflict is over now. The end-to-end action is all about addressability today.
Soon, after NAT66 is approved for the standards track by IESG, despite the "strong recommendations" from the IAB in this draft, end-to-end addressability in IPv6 will be the result of explicit coordination between address realm operators rather than a reasonable expectation of the public Internet in general. Just as it is today with IPv4. End-to-end in IPv6 will be a fleeting memory of what could have been.
I've seen the argument frequently advanced that the success of the Internet no longer depends on the end-to-end principle. The continuing success of the Internet despite the ubiquitous deployment of IPv4/NAT is often cited as the proof of it. I've yet to see anyone meet with success trying to rebut that argument before audiences who cannot imagine and/or do not care what future applications might be made practical only if end-to-end addressability were to be considered a feature of the Internet rather than an error.
--
james woodyatt <[email protected]>
member of technical staff, communications engineering
