On Oct 27, 2010, at 5:14 AM, Keith Moore wrote:

> IMO, a minimum requirement for any v6 NAT approved by IETF is that hosts/apps 
> MUST have a way to determine the external/global addresses associated with a 
> connection without needing an external server in global address space for ICE 
> or similar tricks.
> This mechanism MUST be the same mechanism for all standard NATs.

I can think of ways to do that, for example for populating your Dynamic DNS 
entry, but it also has issues. Depending on the source address you choose (for 
example if you are in a multihomed host for which the default route in the 
network differs in the various subnets), you may take different exit gateways 
in routing, and therefore may have different addresses as seen by your peer. 
Ideally, ILNP or NAT66 minimizes that, but it is still a possibility in the 
local network. Hence, in order to accomplish that, you will have to in some way 
ask the routing system. ICE accomplishes it by routing a packet to a remote 
peer that can report your address as it perceived it. At minimum, I should 
think you would have to communicate with the DMZ that updates your prefix. As a 
result, I doubt that it will be a procedure you can execute autonomously, or 
that could be done by, say, your DNS server.

> People need to stop insisting that hosts and apps don't need to know their 
> addresses.

People are not insisting that applications don't need to know their own 
addresses. What people (I) are pointing out is that the assumption that your 
address is meaningful to someone *else* is a problem. This is the root cause of 
the issues raised in RFC 2993.

On Oct 25, 2010, at 9:53 AM, Fred Baker wrote:
> Anyone that puts IPv4 literals into HTTP or SIP/SDP headers *has* to use a 
> global address, or anyone across a NAT can't communicate with them. What I am 
> pointing out, in case you missed it, is that there is also a problem in the 
> transition/coexistence phase with the assumption that just because I speak 
> IPv[46] that you can speak IPv[46] and that there is a reliable route using 
> IPv[46] between us. Putting an IPv[46] literal into an application header is 
> not only stupid because of the coupling implied - that your address space and 
> mine overlap - but because of the coexistence coupling.

_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
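
Added example, not part of the original message or of any IETF document: the "remote peer that can report your address as it perceived it" that ICE relies on is a STUN Binding exchange (RFC 5389), and the Python below builds and parses its XOR-MAPPED-ADDRESS attribute for both IPv4 and IPv6. The function names are illustrative, and the addresses used with it are constructed documentation-range samples.

```python
import ipaddress
import struct

MAGIC_COOKIE = 0x2112A442            # fixed value carried in every STUN header
BINDING_SUCCESS = 0x0101
XOR_MAPPED_ADDRESS = 0x0020
FAMILY_LEN = {0x01: 4, 0x02: 16}     # address family -> address length (IPv4, IPv6)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def build_binding_response(txid: bytes, ip: str, port: int) -> bytes:
    """Peer side: report the source address the request arrived from."""
    addr = ipaddress.ip_address(ip)
    family = 0x01 if addr.version == 4 else 0x02
    key = struct.pack("!I", MAGIC_COOKIE) + txid   # IPv4 uses only the cookie part
    value = struct.pack("!BBH", 0, family, port ^ (MAGIC_COOKIE >> 16))
    value += _xor(addr.packed, key)
    attr = struct.pack("!HH", XOR_MAPPED_ADDRESS, len(value)) + value
    return struct.pack("!HHI", BINDING_SUCCESS, len(attr), MAGIC_COOKIE) + txid + attr


def parse_mapped_address(msg: bytes, txid: bytes):
    """Host side: return (ip, port) as the peer saw it, or raise ValueError."""
    if len(msg) < 20:
        raise ValueError("short STUN header")
    mtype, mlen, cookie = struct.unpack("!HHI", msg[:8])
    if mtype != BINDING_SUCCESS or cookie != MAGIC_COOKIE:
        raise ValueError("not a Binding success response")
    if msg[8:20] != txid or mlen != len(msg) - 20:  # must echo our random ID
        raise ValueError("transaction ID or length mismatch")
    key, off = msg[4:20], 20
    while off + 4 <= len(msg):
        atype, alen = struct.unpack("!HH", msg[off:off + 4])
        value = msg[off + 4:off + 4 + alen]
        if len(value) != alen:
            raise ValueError("truncated attribute")
        if atype == XOR_MAPPED_ADDRESS:
            if alen < 4 or alen - 4 != FAMILY_LEN.get(value[1]):
                raise ValueError("bad XOR-MAPPED-ADDRESS")
            port = struct.unpack("!H", value[2:4])[0] ^ (MAGIC_COOKIE >> 16)
            return str(ipaddress.ip_address(_xor(value[4:], key))), port
        off += 4 + alen + (-alen % 4)               # attributes are 32-bit aligned
    raise ValueError("no XOR-MAPPED-ADDRESS attribute")
```

A multihomed host would repeat the exchange once per local source address, since each may leave through a different gateway and come back with a different reported address.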
