From: Paul Robinson [EMAIL PROTECTED]
of course, if after a couple of years it isn't working, there is nothing
stopping the IETF rescinding, and supporting IPv4 once more due to
customer pressures. :-)
Hello? That's where we are *now*.
May I remind you that IPv6 has been
From: grenville armitage [EMAIL PROTECTED]
a dictionary is hardly a compelling substitute for going direct to the
paper(s) in which the end to end principle has been articulated.
I couldn't agree with your suggestion more; were I Tsar of the Internet, I'd
make it a rule to bind
From: Keith Moore [EMAIL PROTECTED]
the reason I point out the flaws with NAT is .. because some people
are still of the belief that NATs are mostly harmless and that we
should not only permit them into v6, but extend our architecture to
embrace them.
Keith, that's
From: Keith Moore [EMAIL PROTECTED]
That means that i) NAT+v4 is here to stay, permanently, as the
packet-forwarding substrate on which we have to live, and ii) many
solutions to the NAT problem have a badly faulty key premise -
which is that the solution will fix IPv4's
From: Michael Thomas [EMAIL PROTECTED]
we're being driven as a community to do both with the ensuing insanity
of two broken models being forced to cohabitate, all the while neither
meeting the actual requirements.
Time to hit the reset button on our current direction, I would
From: Eric Rescorla [EMAIL PROTECTED]
(2) NAT solves at least some of those problems, at some
cost (say Cn), both financial and operational and
that solution has benefit Bn.
(3) The fact that a large number of people have chosen
to use NAT is a strong
From: S Woodside [EMAIL PROTECTED]
Does that mean that a NAT is a workable firewall but introduces
undesirable side effects? Is it (or could it be) possible to make an
equally workable firewall, at a low price, that doesn't introduce to
constrained policy capabilities?
From: Keith Moore [EMAIL PROTECTED]
that's an oxymoron. the basic premis of NAT is fundamnetally broken.
Just out of interest, do you complain about gravity too?
We lost our chance to avoid NAT's when variable length addresses were removed
from TCPv2.5 (IIRC the version number
From: Tony Hain [EMAIL PROTECTED]
'anti-spam' is the wrong focus. Spam is a social problem, not an
engineering one.
Sorry, I don't agree with this logic: if it's valid, then why try to design
better locks, since theft is a social problem?
Noel
From: Anthony Atkielski [EMAIL PROTECTED]
In the world of postal mail, the same problem of spam exists, and there
is no solution to it. .. the one and only way to separate the truly
useless mail from legitimate mail is to hire human beings to sort
through it. There isn't
From: Dean Anderson [EMAIL PROTECTED]
If the corporation (like hotmail) brings in less than $1 per month from
each user, pays all .. from this revenue, then quite clearly, there are
no hidden costs, as you assert.
Clearly, spam can not cost more than they bring in, in
From: Dean Anderson [EMAIL PROTECTED]
it is the case that _protocols_ can do nothing about spam. So, there is
nothing for the IETF to do
Not necessarily so.
First, if people agree that charging for email is needed, or some equally
significant change (and clearly the existing
From: Keith Moore [EMAIL PROTECTED]
actually it's bad to force all apps to use DNS names - which are often
less reliable, slower, less correct, and more ambiguous than IP
addresses.
This is like saying it's bad to force people to use cars/busses/whatever
because they
From: [EMAIL PROTECTED]
Effectively this could be resolved by having one globally
unique identifier per node.
Paging Noel Chiappa Paging Noel Chiappa ;)
Ah, one moment, if I may:
his books, he always said, contained the teachings of his master,
Socrates; ...
From: Tony Hain [EMAIL PROTECTED]
your general perspective highlights the problem at hand. ..
the routing community believes the address is the topology locator,
while your Dave's comments show the app community believes it is an
identifier.
To paraphrase Clint Eastwood
From: Keith Moore [EMAIL PROTECTED]
HIP only solves part of the problem ... it doesn't provide any way of
mapping between that identity and an address where you can reach the
host.
A system doesn't have to provide mechanisms to look up mappings from
any-name to any-other-name
From: Keith Moore [EMAIL PROTECTED]
it does need to provide such mechanisms in order to provide useful
endpoint identifiers.
I don't think you can make such a blanket statement without some more
analysis. For example:
without a mechanism to map the endpoint identifier to an
From: Lloyd Wood [EMAIL PROTECTED]
Do you like quoting dictionary definitions but don't know the
background of how the definitions developed? .. Are you horribly
literal-minded but horribly illiterate?
Acrynomius, n,; to become acrimonious over the definition of 'acronym'.
I was reading a paper by Paul Francis and Ramakrishna Gummadi, and a
reference caused me to re-read an interesting-sounding old paper they
referenced (RFC-1380, IESG Deliberations on Routing and Addressing) to
refresh my memory of it, and further to read similar documents it referenced
(e.g.
From: Perry E. Metzger [EMAIL PROTECTED]
Identifier/locator separation has been a topic of conversation at the
IETF for at least the last decade if not longer. In spite of this
continuous interest, an actual fruitful proposal has yet to arrive.
As you seem to have forgotten
From: Caitlin Bestler [EMAIL PROTECTED]
Given the source interface, the *meaning* of an IP header is not
supposed to be dependent on the routing tables. ..
By contrast, the meaning of an ATM circuit is dependent on the context
in which it was established. There is no
From: David J. Aronson [EMAIL PROTECTED]
I'm only on the regular IETF list .. and I eventually got it four times
too
I think there's some bug in the mailer that handles the IETF list. For the
past couple of months, I've often seen longer messages get multiplicated (e.g.
in the
From: [EMAIL PROTECTED] (Dan Kolis)
off topic, but it effects this community
You're correct, and I hope I will be afforded some latitude for replying, but
I can't resist the opportunity to bring to everyone's attention a truly great
book, one which happens to have material bearing on
From: Joe Touch [EMAIL PROTECTED]
our interpretation of Robustness Principle applied to this problem
dictated that we .. had to accept either ~(+0) or ~(-0) in received
segments.
Strictly speaking, either zero state is completely legal,
as per RFC1624 section 3,
From: Tony Hain [EMAIL PROTECTED]
it may be more convenient to have the border deal with DOS, but is it
*required* as Noel asserted?
First, there's good idea, required, and *required*. It's *required*
that your computer have a test-and-branch instruction to be a Turing machine.
From: Keith Moore [EMAIL PROTECTED]
it seems disingenuous to blame the NAT problem on users when the NAT
vendors are doing their best to mislead users about the harm that NAT
does.
Oh, piffle. NAT's don't harm the Internet, any more than a host of other
things: invisible Web
From: Brian Lloyd [EMAIL PROTECTED]
When all you have is a hammer, everything looks like a nail.
...
I must admit, we all laughed when Karl Fox indicated that he had
implemented PPP over TELNET back in 1993 or so. We thought it a
hilarious joke. I guess my blood
From: Vernon Schryver [EMAIL PROTECTED]
Anyway, simple protocols, like PPP and ARP (another canonical subject
of abuse) get reused in vile ways because the architecture which they
are components of is fundamentally under-provisioned with mechanisms.
The architectures
From: David R. Conrad [EMAIL PROTECTED]
More realistically, some might consider IPv4 address allocation
policies as discouraging the growth of the Internet (I am not among
them)
...
** Most, if not all, of the same people who are refused IPv4 address
** allocations
From: Keith Moore [EMAIL PROTECTED]
forcing most of the internet into a tree structure has its own scaling
problems.
A tree structure is not at all needed. What is needed is more aggregation.
Please see the definitive mathematical analysis of routing scaling via
aggregation:
From: Steve Deering [EMAIL PROTECTED]
This is kind of a ways from my original point, which was simply griping about
this continued irritating claim that there's no fully worked out example of
separating location and identity, but what the heck...
Way back in June of 1992 on the
From: Perry E. Metzger [EMAIL PROTECTED]
There is a school of thought that seems to believe that IPv6 is a
failure because it only solves a quite narrow although extremely
important problem -- specifically address space exhaustion.
The fact that it does not solve the
From: Perry E. Metzger [EMAIL PROTECTED]
People frequently propose endpoint identifiers and routing
identifiers be separated but no one has ever come up with a worked
proposal that was less flawed than the current mechanism.
I always find it incredibly funny when IPv6
From: Perry E. Metzger [EMAIL PROTECTED]
People frequently propose endpoint identifiers and routing
identifiers be separated but no one has ever come up with a worked
proposal that was less flawed than the current mechanism.
the IPv6 protocol suite contains a very
From: Perry E. Metzger [EMAIL PROTECTED]
The fact that it does not solve the global routing table meltdown is,
according to such people, an obvious failure of v6 -- never mind that
they are unrelated issues.
How does the fact that they are somewhat unrelated issues in
From: Robert Elz [EMAIL PROTECTED]
no fully worked out example of separating location and identity
... given the existence of an *IPv6* mechanism that does just that.
this is really not a very realistic claim.
Mobile IP doesn't separate location and identity really -
From: SRD Ye JianLiang [EMAIL PROTECTED]
Have any web sites go dark for Iraq and Jugoslavia?
Thank you for this insight into the thinking of ordinary people in
China. We won't forget it.
Noel
From: Bob Braden [EMAIL PROTECTED]
I don't get why label swapping is any simpler than hop/hop forwarding.
At the time when tag-switching (to give it its original name - well, actually,
as someone pointed out, it was Ipsilon's product that started the trend, and
tag-switching from
From: Jose Manuel Arronte Garcia [EMAIL PROTECTED]
1. ARP's function is to resolve IPv4-MAC addresses (32-bit-48-bit)
2. Ipv4 addresses are running out.
Why the IPv4 development team did not implement a simpler mechanism for
IP addresses? ... If they had done this
No doubt Hitler thought the same.
Oh, good, this thread is now (according to Godwin's Law) terminated, so it
will stop filling my mailbox with worthless junk.
Noel
From: Jim Fleming [EMAIL PROTECTED]
If the IETF is so cluefull, how could it create complex problems in the
first place ?
Ah, in case you hadn't noticed, the Internet is becoming very large, and very
large things are usually complex.
Noel
From: "Mike O'Dell" [EMAIL PROTECTED]
the distinction is often based on the namespace used for making the
forwarding decision
the term "router" is *usually* applied to a device which is examining
an L3 token ... a switch is usually examining a token other than an IP
From: "David R. Conrad" [EMAIL PROTECTED]
IPv6 does not solve the need to renumber if you change providers ...
Until that issue is addressed, there will be NATs. Even for v6.
Oh, I can't resist:
It's completely appalling that when I move to a new house, my street address
Critics of ICANN will likely request that the committee make ICANN
reopen the selection process. ... Other critics include the ACLU and
many of the unsuccessful TLD applicants, several of which might take
ICANN to court.
With any luck, ICANN will be replaced with something
From: Keith Moore [EMAIL PROTECTED]
If this group takes the attitude that NATs are inherently broken and
that there's really no way to fix them in the long term without phasing
out the NAT part, it's much more likely to produce something useful
than if it tries to find a
Can people *please* trim the CC list on this thread - and in particular, make
sure to remove "Info-Explorer"? I'm so tired of getting three copies of
everything...
Noel
For those of you with a historical bent, you may find:
http://ana-3.lcs.mit.edu/~jnc/tech/IntFeb82.jpeg
rather interesting. It's a topological map of the Internet, circa February
1982, drawn by none other than Jon Postel himself.
Noel
PS: Those of you with sharp eyes will notice
From: Geoff Huston [EMAIL PROTECTED]
part of the characteristics of today's Internet is that its is
flattening out. The concept of hierarchical connectivity with
'upstreams' and 'downstreams' ... as I understand the current
deployment plan there are TLAs and sub TLAs,
From: "Perry E. Metzger" [EMAIL PROTECTED]
What is technically wrong with v6 that isn't already technically wrong
with v4?
Thank you, Perry, you've put it in a nutshell.
Noel
From: Bradley Dunn [EMAIL PROTECTED]
I do think that there is a definite causal relationship between the
address space shortage and the number of prefixes in the routing tables.
People who allocate addresses .. use slow-start algorithms in their
allocation policies due
From: Keith Moore [EMAIL PROTECTED]
if you try to build a global network out of limited-scope addresses you
eventually end up reinventing IP at a higher layer.
Err, did you perhaps mean "end up reinventing globally unique addresses
somewhere else in the system"? :-)
From: "Perry E. Metzger" [EMAIL PROTECTED]
Several layers of NAT has become common
This is have a hard time fathoming - not that I'm doubting that people do it,
mind.
I mean, I can understand it is a temporary thing, e.g. if one company buys
another, and in gluing the networks
From: "Perry E. Metzger" [EMAIL PROTECTED]
you're ideologically opposed to deploying v6 instead of against it for
technical reasons?
Ah, *that's* what's wrong with IPv6 - it doesn't pay enough attention to
control of the means of production by the workers.
And here I was, all
From: Geoff Huston [EMAIL PROTECTED]
There are strong indications that NAT is one factor behind this part of
the BGP table.
I'm afraid I'm missing the logic here. As you point out below, NAT's may have
caused people to use *smaller* blocks of the global address space:
much
From: Geoff Huston [EMAIL PROTECTED]
[NAT's] shouldn't have any effect on the *number* of [address]
blocks (i.e. things which can potentially produce global routing table
entries).
... So the number of distinct "local areas" is still the same, yes?
And NAT's
From: Keith Moore [mailto:[EMAIL PROTECTED]]
the problems with NAT are not generally due to implementation. they
are inherent in the very idea of NAT, which destroys the global
Internet address space.
From: Dave Robinson [EMAIL PROTECTED]
How does the idea of NAT
From: v guruprasad [EMAIL PROTECTED]
One basic reason Nimrod is still ugly is that it leaves us to deal with
real addresses.
If you find a way to select paths in real networks using only virtual data,
we'd all be interested to hear it.
Noel
PS: The issues of i)
From: "Eliot Lear" [EMAIL PROTECTED]
I'm interested in putting something in front of a trade press person
that they cannot ignore. Perhaps the watermark should simply be
"REJECTED or EXPIRED".
Somehow I doubt this will work. Nobody's going to try to scam a trade press
person
From: Keith Moore [EMAIL PROTECTED]
if IETF starts providing a reliable archive of I-Ds, I-Ds will be
referenced more often in external documents
I suppose the risk here might be reduced a tiny bit if such an archive
didn't make old I-D's available directly (i.e. via a URL) -
From: Daniel Senie [EMAIL PROTECTED]
For all the sites in the world who'd LIKE to be able to have an
upstream to provide IPv6, but for whom such doesn't exist ... some
one or few organizations should look into buying a block of IPv6
space, setting up a few routers which
From: Rick H Wesson [EMAIL PROTECTED]
this stems from the lack of engineers intrest in politics, until its
too late.
Err, not quite. That's what sad, actually - the point I made was a policy
point, not a technical point - and thus presumably one that someone doesn't
need to be an
From: Greg Skinner [EMAIL PROTECTED]
the last report I heard featured an interview with Don Telage of NSI.
Apparently, the commission had considered doing this "zoning" based
on TLDs, but now they're looking at IPv6 address space.
Oh, goody.
No doubt all *sorts* of people
From: "Dawson, Peter D" [EMAIL PROTECTED]
the ISOC holds a copyright license on RFCs that permit them to be
published and freely copied
does this imply (if I understand you correctly) that royalty payments
(on such publications) are made to both Authors/ISOC ??
Perhaps
From: Greg Skinner [EMAIL PROTECTED]
I think it was on CIDRD, actually, no?
I don't think so.
Well, it turns out that Paul Resnick's draft (which did come out as an I-D,
draft-ietf-cidrd-mktbased-alloc-00.txt) was discussed at some length on CIDRD
in February, 1996. But it
From: "Scot Mc Pherson" [EMAIL PROTECTED]
Actually what happened, was I received this virus from a trusted friend
... I am just glad that I didn't have any e-mail lists in my "address
book"
That's actually an interesting bit of "social engineering" on the part of the
virus
From: Keith Moore [EMAIL PROTECTED]
You appear to be saying that because historically people screwed up
configuring their DNS that it is impossible to rely on the DNS for
critical infrastructure.
I wouldn't say 'impossible'. My point is that it is more difficult to
right, noels wrong.
Noel is happy to wait, and see who's right. (I've been through this exact
same experience before, with CLNP, so I understand the life-cycle.) So far,
I've been waiting for quite a few years with IPv6, and so far I'm right.
Let's see, how many years have these standards
From: Brian Lloyd [EMAIL PROTECTED]
I was thinking about your message, and something from my exchanges with Keith
Moore suddenly popped into my head with great clarity. I think it's the
answer to your question immediately below - and it has some very grave
consequences.
Although it's
From: Matt Holdrege [EMAIL PROTECTED]
The basic key *architectural* problem with NAT ... is that when you
have a small number of external addresses being shared by a larger
number of hosts behind some sort of "address-sharing" device, there's
no permanent association
From: Keith Moore [EMAIL PROTECTED]
IPv6's claimed big advantage - a bigger address space - turns out not to be an
advantage at all - at least in any stage much short of completely deployment.
IPv6 deployment is going to have to be driven by IPv6's *other* features, and
when you take
From: Keith Moore [EMAIL PROTECTED]
I don't see what you're getting at. the outside sites may be running v4
with a limited number of external addresses ... if they are running v6
they will have plenty of external addresses.
Not external *IPv4* addresses, they won't - which
A couple of routing points, not related to NAT:
From: Ian King [EMAIL PROTECTED]
so that it is realistic for businesses to regularly ask for assignments
in more granular chunks; rather than grabbing a class A-size space
"just in case", big users would be willing to request
From: Jeffrey Altman [EMAIL PROTECTED]
I am not a IPv6 proponent other than
Well, I'm not exactly a big fan of NAT boxes either. Disgusting kludges.
However, I've generally found that it's not really very useful to go around
saying "it's not really raining, it's not really raining"
From: "Dick St.Peters" [EMAIL PROTECTED]
The authors of the standard had the vision to foresee ...
they designed a protocol flexible enough to encompass things they
could not foresee.
Pardon me if I emit a "balderdash".
There's this tendency to act like IPv4 was handed down
From: Yakov Rekhter [EMAIL PROTECTED]
the fundamental architectural premise of NAT's *as we know them today*
- that there are no globally unique names at the internetwork level
I would say that the fundamental architectural premise of NATs is that
globally unique names
From: Daniel Senie [EMAIL PROTECTED]
The counter argument is that for the Home Networking case, which is a
HUGE market, it is indeed cheap and easy to use. ... NAT can be used
for a variety of things. Perhaps we can agree that it's a good hammer
when the nail is a home
From: "Perry E. Metzger" [EMAIL PROTECTED]
When you've been awakened in the middle of the night every night for a
week, because the NAT rules to deal with the fact that you have several
intercommunicating networks all of which think they're 10.0.0.0/8
... Anyone out
Everyone, this conversation isn't really going to be very productive. The
people who like A aren't about to start liking B, and vice versa. (And then
there are the people who don't like either - but they aren't going to change
their minds either! :-) So discussion on this point is not going to be
78 matches
Mail list logo
