Hi Joel, On 28.09.2011 22:10, Joel M. Halpern wrote: > There seem to be a number of assumptions, some of which I suspect I am > misunderstanding, in the case being described.
Yes, I guess so. > I tend to make two assumptions: > 1) Even low end intra-automotive devices can cope with multiple addresses > 2) Even low end automotive-internal devices will need to communicate > externally. Yep, but 2) isn't true for all automotive devices. Only a part of them needs communication to the public Internet. > From what you have described, it seems that all such extenral > communication (whether to another vehicle, to a trusted monitoring > entity, or to the Internet, will have to go through what you describe as > a "proxy" which will deal with changing the IPv6. It's not about changing the IPv6 address (like a NAT) in the first place, but about having a security gateway as a first line of defense against attackers. > Put differently, the only application communication will be via an ALG. No, that's not totally correct. Internal application communication doesn't have to go through an ALG, only external communication. Furthermore, devices in an untrusted, external zone may communicate freely to the Internet, but not freely to the internal devices. > Based on our experience, that seems to be a very bad design target. I fully agree with this for ordinary networks and I'm well aware of all the problems with NATs/ALGs and the like concerning e2e transparency, complexity etc. The intended architecture is similar to common firewall architectures with DMZs. > And it seems unnecessary for the goal of having stable itnernal > addresses for internal communication. Sure, with your assumption 1), devices may use several addresses simultaneously which is a very common scenario with IPv6. If the device, however, gets an external publicly reachable address, it may be attacked directly. Security is the only reason for following such a gateway architecture, which is similar to firewall architectures that are widely in use. If you have something avoiding this and providing the same level of security, I'm all ears. :-) Regards, Roland -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
