On Oct 25, 2010, at 12:19 PM, Fred Baker wrote:

> 
> On Oct 25, 2010, at 8:42 AM, Chris Engel wrote:
> 
>> Regardless, nothing the authors are doing with this flavor of NAT (unless 
>> I'm mistaken about it) should break end to end connectivity between devices 
>> running IPv6 since it's a 1:1 stateless mapping. A FW with stateful
>> inspection and packet filtering rules would...but in that case the person 
>> deploying the FW WANTS that connectivity broken. If you're trying to argue 
>> that people should not be allowed to deploy FW's.... well then, good luck 
>> with that.
> 
> Agreed. Not that there are not issues with prefix translation; there are 
> applications and application deployments that make the (for the past 15 years 
> indefensible) assumption that an address carried as a literal in an 
> application will be meaningful to its peer, and those applications will have 
> the same RFC 2993 problems that IPv4 NAT imposes.

Fred, it's not an indefensible assumption.  It's how the Internet was designed 
to work.  It's the behavior specified by the core Internet protocol standards.

Applications need to have a predictable, well-documented environment in which 
to operate.   Why in the world you think that networks should be able to 
violate the standards  and that somehow it's the application developers' 
responsibility to adapt to whatever random brain damage the network operators 
decide to impose is beyond me.  But it makes no sense from an engineering 
perspective.

If there really is a need for NATs in the network (which has not been 
established) then it's incumbent for IETF to standardize them in such a way 
that applications still have a predictable environment which lets them do what 
they need to do (modulo policy).  So far, IETF has not done that.  What it has 
mostly done is fail to provide clear direction.

Keith


_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
