james woodyatt wrote:
> On Mar 19, 2009, at 20:39, Lixia Zhang wrote:
>>
>> We should have sent a FYI about this draft earlier. Comments are most
>> welcome!
>
> There are three places in the draft where the phrase "end-to-end
> reachability" is used when I would say that "end-to-end addressability"
> would make the point more clearly. Because IAB and IETF have well
> embraced the notion that policy enforcing stateful firewalls should be
> widely deployed in the Internet, we've long ago pitched out the notion
> that Internet nodes should be end-to-end reachable.

Internet nodes should be e2e reachable unless there is explicit policy to the contrary from an enterprise network where the traffic originates or terminates.

> The argument over
> NAT has always been about end-to-end addressability, not reachability.

Disagree. NATs impair both addressability and reachability, and we do a disservice to the community if we pretend otherwise. NAT (really NAPT) does harm to reachability because it blocks traffic in one direction even if this is not explicit policy, and NAPT limits the flexibility of a site to choose a policy that takes application usage into account. NAT can also impair reachability when binding state is lost or discarded.

Keith
_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
