On Oct 25, 2010, at 18:53, Fred Baker wrote:
> On Oct 25, 2010, at 9:32 AM, Keith Moore wrote:
> ...
> 
>> If there really is a need for NATs in the network (which has not been 
>> established) then it's incumbent for IETF to standardize them in such a way 
>> that applications still have a predictable environment which lets them do 
>> what they need to do (modulo policy).  So far, IETF has not done that.  What 
>> it has mostly done is fail to provide clear direction.
> 
> Well, it actually has been established.

> That's the point the people you are so actively not listening to are trying 
> to make.

Sorry to get the impression that, on your side, you are "actively not 
listening" to solutions that, being based on stateless automatic tunneling, do 
provide an alternative to NAT66, and have distinctive properties like e2e 
address preservation. 


> The need for address translation has nothing to do with topology obfuscation, 
> although that point is frequently brought up; if I can read your SMTP 
> envelopes I can figure out your topology well enough for any nefarious 
> purposes I might have. And it has nothing to do with address amplification, 
> which I suspect is what you're responding to as "unproven".


> It has to do with the sizes of route tables in the core and the politics of 
> attachment at the edge. 

We do agree that we want PA-based multihoming.


> ...
> At the edge, there is a huge push for PI addressing. You can say that 
> shim6-or-etc enables the edge networks to be independent of their providers 
> by having a prefix from each of them; the edge networks are voting with their 
> feet in that regard and saying it's not a network they're willing to operate.


> They want address independence, and they don't want to have to do anything 
> when they change providers.

We do agree that this requirement makes a lot of sense for large private 
networks.


> They see PI addressing as the solution.

One solution, they are right, but the ONLY ONE, no.
Don't you believe that, for smaller networks, e.g. those of SOHO's, multihoming 
should be made to work with PA's and SHIM6? 

> And I will argue that ILNP (which requires every host in the world to be 
> upgraded and therefore is IMHO a non-starter, although as a solution I prefer 
> it)

Agreed that it is a non-starter.


> or NAT66 as proposed in this document (which reduces the problem to one of 
> updating CPEs by updating the checksum) handles both issues.

AFAIK, NAT66 is NOT compatible with SHIM6 (which requires hosts to know their 
global addresses).
Do I miss something? 

> The transit networks get to view their route tables as entirely PA, and 
> therefore as having been advertised by O(10^4) ISPs or large corporate 
> networks, and the edge networks get the address independence they desire. 
> That may be "broken" from your perspective, but from the 
> guy-paying-the-money's perspective that is not broken. It is exactly what 
> they are looking for.
> 
> 
> This is the last note that I will post to this thread. I'm really not 
> interested in further rehashing this. I have a life.

Unfortunate indeed.
Not that you have a life, of course ;-), but that, although you are a coauthor 
of the stateless NAT66 drafts, you seem to refuse to give answers to legitimate 
concerns people have about what you propose.

One of these concerns is that, in my understanding:
*NAT66 (be it stateless or stateful) is NOT compatible with SHIM6 because SHIM6 
does require that hosts know their GLOBAL addresses.*

Regards,
RD

> _______________________________________________
> nat66 mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/nat66

