On 3-okt-2007, at 18:54, Daniel Senie wrote:
it works.
O really? When was the last time you successfully transferred a file
using IM?
By policy, I generally block file transfer over IM at security
boundaries
What does that have to do with anything? It still doesn't work
reliably, or even most of the time. That it's not something you want
or need makes this irrelevant for you but it doesn't make NAT work.
If you want NAT, please come up with a standards document that
describes how it works and how applications can work around it.
Been there, and done that. Please go read RFC 3235
I was done reading the IPv6 section very quickly...
Nice start, but it only provides some obvious guidelines to protocol
designers, this isn't good enough to base the architecture of the
entire network on.
If we're successful, there'll be plenty of time to go back and
re-evaluate NAT afterwards when IPv6 exhaustion is a distant memory.
Right. Building something that can't meet reasonable requirements
first and then getting rid of the holes worked so well for the email
spam problem.
This is a rather disingenuous argument. You might look at the
history of TCP, which has had several tweaks over the years as more
was learned. In trying to have every duck perfectly in a row, IPv6
is quite late to the party. Even NASA launches deep space probes
before operational software is finished, and updates it in flight...
The crucial difference is that there is an upgrade path. There is no
upgrade path from a network with NAT to a network where you don't
have to work around NAT. That's why it's so important to keep the NAT
in IPv4 and not let it sneak into IPv6.
