On Monday, July 4, 2016, Baldur Norddahl <baldur.nordd...@gmail.com <javascript:_e(%7B%7D,'cvml','baldur.nordd...@gmail.com');>> wrote:
> On 4 July 2016 at 11:41, Masataka Ohta <mo...@necom830.hpcl.titech.ac.jp> > wrote: > > > With end to end NAT, you can still configure your UPnP capable NAT > > boxes to restrict port forwarding. > > > > Only if you by NAT mean "home network NAT". No large ISP has or will deploy > a carrier NAT router that will respect UPnP. That does not scale and is a > security nightmare besides. > > We could deploy MAP > https://en.wikipedia.org/wiki/Mapping_of_Address_and_Port (which scales) > and the user could then use the belowed "end to end NAT" method on that. > But why would they? MAP requires IPv6 so they already have end to end > transparency using IPv6. > > Regards, > > Baldur > Always so funny how people love talking how great MAP scales, yet it has never been deployed at scale. 464XLAT and ds-lite have been deployed at real scale, so has 6RD. MAP is like beta max. Technically great, but reality is poor.