the problems with NAT are not generally due to implementation.
they are inherent in the very idea of NAT, which destroys the
global Internet address space.
Keith
I am not sure exactly how IETF meetings are executed
or how business is conducted, but the group may
consider occupying an indoor stadium, etc. With the
basic floor space available (convention like)
organizers would be able to resize areas to fit
audiences accordingly.
More importantly sooner or
--On Thursday, 14 December, 2000 19:06 -0600 Matt Crawford
<[EMAIL PROTECTED]> wrote:
>> But in retrospect, one thing he said bothered me greatly. He
>> mentioned there were representatives of some five hundred
>> different organizations at this meeting. That too is
>> impressive. But it's
I would think the best thing that can be done is to
broad cast the findings as clear and loudly as
possible to the largest possible audience.
The global community as a whole will see who is
actively 'taking ideas for their own' and the thieves
will get theirs in their own special way. Perhaps the
How does the idea of NAT destroy the global Internet address space?
-Original Message-
From: Keith Moore [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 15, 2000 4:05 AM
To: M Dev
Cc: Sean Doran; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: NATs *ARE* evil!
the problems with N
> How does the idea of NAT destroy the global Internet address space?
because in a NATted network the same addresses are used in different
parts of the network. addresses are meaningless.
On 14 Dec 2000 at 17:31 -0800, Dave Crocker apparently wrote:
> At 03:58 PM 12/14/00 -0800, Scott Brim wrote:
> >Building on a previous suggestion:
>
> Just to be clear, my suggestion is diametrically opposed to the list that
> you specified.
>
> You are suggesting very tight queue management.
> I think we need to look to the future where
> three thousand participants are going to offer up
> their ideas and we need to be able to take advantage
> of those resources without stuff "getting dropped"
> simply because of the meeting space/format.
Perhaps. But in a forum with three thousand
Frank Solensky wrote:
>
> Brian E Carpenter wrote:
> >
> > Frank,
> >
> > This is goodness. Can I ask that you publish the *method* before
> > you publish any results? I have seen various attempts to
> > tackle this in the past, and they have all given results that
> > are very hard to interpret
On 15 Dec 2000 at 10:56 -0500, Keith Moore apparently wrote:
> > How does the idea of NAT destroy the global Internet address space?
>
> because in a NATted network the same addresses are used in different
> parts of the network. addresses are meaningless.
How much meaning does "Keith Moore" ha
What's the problem with locally significant addresses? Having thousands of
10 networks will never present a problem unless those networks at some point
would like to talk to each other. Is that where this whole discussion is
going (or coming from) - that ultimately the more NAT'ing we do, the mo
On Fri, 15 Dec 2000 08:54:36 PST, Scott Brim said:
> How much meaning does "Keith Moore" have? Somehow we have a planet with
> billions of people on it and those who need to still manage to find the
> appropriate "Keith Moore". How do they do that? Are there any lessons
> to be learned?
The le
> > > How does the idea of NAT destroy the global Internet address space?
> >
> > because in a NATted network the same addresses are used in different
> > parts of the network. addresses are meaningless.
>
> How much meaning does "Keith Moore" have? Somehow we have a planet with
> billions of
> What's the problem with locally significant addresses? Having thousands of
> 10 networks will never present a problem unless those networks at some point
> would like to talk to each other.
right. if net 10 networks stay completely isolated from one another,
then there's no problem. the pr
[recipient list trimmed]
> The lesson to be learned is that we say "The Keith Moore that works at UTK".
even this is not sufficient. I once received a telephoned death threat
from someone who had mistaken me with a different Keith Moore from UTK.
fortunately I was able to convince him that he h
Yes! TCP breaks due to the fact that "true" source/destination sockets
cannot be defined. The destination would not know where to send a response
except in the case where DNS is used...unless I need to do more reading
Tina Iliff
-Original Message-
From: Dave Robinson [mailto:[EMAIL PR
On Fri, 15 Dec 2000, Scott Brim wrote:
> How much meaning does "Keith Moore" have? Somehow we have a planet with
> billions of people on it and those who need to still manage to find the
> appropriate "Keith Moore". How do they do that? Are there any lessons
> to be learned?
They do that by at
On Fri, 15 Dec 2000 12:11:29 EST, Dave Robinson said:
> What's the problem with locally significant addresses? Having thousands of
Hmm.. this from a guy posting from endtoend.com? I'm not sure if the
right word is "ironic" or "sarcastic". In any case, didn't we just
release an RFC detailing in
Bingo!
RFC 2775, RFC 2993
Brian
Dave Robinson wrote:
>
> What's the problem with locally significant addresses? Having thousands of
> 10 networks will never present a problem unless those networks at some point
> would like to talk to each other. Is that where this whole discussion is
> go
John:
Thanks for your wise comments; I agree wholeheartedly. In fact, I find
myself agreeing with most of the people in this thread, who seem to think
they are disagreeing with each other. As the person who apparently caused
this dust-up, I feel I should add a note. The remainder of this note
Well, let me correct myself. It is more along the lines of firewall
security being broken in the sense of all firewalls would have to be open to
entire networks instead of limiting individual hosts. IP would be broken in
the sense of routers not being able to distinguish which route to choose in
Don't get me wrong, NAT is an odd booger to be sure, personally I think it
is another $BIG_SOFTWARE_COMPANY conspiracy ;-) But... they do not have the
same identity, when NAT occurs the device then bears a globally unique IP
address at least to all those with whom there may be a conflicting addres
> (I copy this to the poisson list, since I am somehow blocked from
> the IETF list).
>
> I am fully understand what your concern is. But,
> - what should those "corporate representative" do?
> - where should they go?
The point is you dont, not in IETF. Either you are interested in the work you
d
Folks should read and *refer* to the NAT WG documents before commenting. An
awful lot of work was put into the content and wording of these documents.
RFC 2663
draft-ietf-nat-protocol-complications-06.txt
&
RFC 2993
> How much meaning does "Keith Moore" have? Somehow we have a planet with
> billions of people on it and those who need to still manage to find the
> appropriate "Keith Moore". How do they do that? Are there any lessons
> to be learned?
"Keith Moore" is not an address, "Keith Moore" is a name.
One suggestion: given that one or two "channels" of video/audio is always
available during the meeting, and given that a number of people simply
want to "see what is going on" (regardless of the merit of this), why not
pipe the 2 channels onto the hotel TV channels?. This was done during the
recen
It's already happening. Try running IPSec from one 10 network to another 10
network. Much pain.
-C
-Original Message-
From: Keith Moore [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 15, 2000 9:24 AM
To: Dave Robinson
Cc: Keith Moore; M Dev; Sean Doran; [EMAIL PROTECTED]; [EMAIL PRO
> "Scott" == Scott Brim <[EMAIL PROTECTED]> writes:
Scott> How much meaning does "Keith Moore" have? Somehow we have a
Scott> planet with billions of people on it and those who need to still
Scott> manage to find the appropriate "Keith Moore". How do they do
Scott> that? Ar
| It's already happening. Try running IPSec from one 10 network to another 10
| network. Much pain.
Surely the "much pain" is because, as Melinda Shore indicates,
some "anti-NAT fanatics" cannot understand the distinction
between "who" and "where"?
NAT merely exposes and exacerbates the p
On Fri, 15 Dec 2000, Måns Nilsson wrote:
> > nice to notice that the IETF WLAN is also working here at the
> > Embassy Suites hotel, which is far (ab. 2 miles) away from the
> > Sheraton... Is here a secret/uninformed access point or is the range
> > of WLAN this awesome on this side of the world
Well, in this case a device that is doing NAT (properly anyway)would replace
the ip and socket headers, much the way each router replaces physical
addresses.
-Chris Millikin
-Original Message-
From: Iliff, Tina [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 15, 2000 9:48 AM
To: 'Dave
At 16:57 14/12/2000 -0800, Jelena Mirkovic wrote:
>Eso some people get cut off even during registration process???
>What does it mean active? How about newcomers?
>Would it not be a nice idea to simply find a hotel with enough number
>of big rooms so that everyone who wants can fit in? At
RFC 2993 Architectural Implications of NAT's ?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 15, 2000 12:55 PM
To: Dave Robinson
Cc: [EMAIL PROTECTED]
Subject: Re: NATs *ARE* evil!
On Fri, 15 Dec 2000 12:11:29 EST, Dave Robinson said:
> Wh
Please redistribute to appropriate forums.
As I promised in the MIDCOM working group in San Diego, I've created a
mailing list for discussion on diagnostics and discovery of intermediate
devices. Here are the particulars:
List name: [EMAIL PROTECTED]
Subscribe: [EMAIL PROTECTE
--- Keith Moore <[EMAIL PROTECTED]> wrote:
> We'd need to adopt drastically different methods for
> running a working group and for making decisions.
I agree whole heartedly. How ever when do we put a
stake in the ground to beging this?
> I also suspect it's much easier for thirty people to
>
> Were we to i) incrementally deploy and start using new globally unique
> namespace(s) [either a single one functioning much as IPv4 addresses
> functioned originaly, or, as many of us think would be wise, two separate
> ones, one to identify entities for end-end communication and another to give
>> From: Keith Moore [mailto:[EMAIL PROTECTED]]
>> the problems with NAT are not generally due to implementation. they
>> are inherent in the very idea of NAT, which destroys the global
>> Internet address space.
> From: Dave Robinson <[EMAIL PROTECTED]>
> How does the
Point taken. Rather than reiterate my point I will refer to the following
excerpt from RFC 2993:
"
- NATs enable casual use of private addresses. These uncoordinated
addresses are subject to collisions when companies using these
addresses merge or want to directly interconnect u
Thus spake "Keith Moore" <[EMAIL PROTECTED]>
> > What's the problem with locally significant addresses? Having
thousands of
> > 10 networks will never present a problem unless those networks at
some point
> > would like to talk to each other.
>
> right. if net 10 networks stay completely isolate
> From: v guruprasad <[EMAIL PROTECTED]>
> One basic reason Nimrod is still ugly is that it leaves us to deal with
> real addresses.
If you find a way to select paths in real networks using only virtual data,
we'd all be interested to hear it.
Noel
PS: The issues of i) glob
> > How does the idea of NAT destroy the global Internet address space?
>
> because in a NATted network the same addresses are used in different
> parts of the network. addresses are meaningless.
So what? Why is this the big problem?
__
Do You
At 07:58 AM 12/15/00 -0800, Scott Brim wrote:
>So, throwing bandwidth at the problem is quite cost-effective in about
>85% of the cases, and congestion control is most useful at aggregation
>points, say where enterprise networks meet regional networks. It would
>seem then, that we should solve th
At 04:57 PM 12/14/00 -0800, Jelena Mirkovic wrote:
>Would it not be a nice idea to simply find a hotel with enough number
>of big rooms so that everyone who wants can fit in?
I don't know if you are aware of it, but there is a very simple algorithm
for determining what the "conference hotel" wil
I will admit to some level of confusion
the subject line of this thread is "NATs *ARE* evil!" yet most of the
discussion is about the use of private addresses - something that
a whole lot of firewalls also do - howcum the subject line is
not "NATs & Firewalls are evil!" or "use of private addres
In case the IETF is truly desperate: We could also rent out a major
university during the summer and stick everybody in dorm rooms - that
should be enough to discourage the tourists and evoke the roots of the
Internet :-) I'm sure OSU has classroom space for a few ten thousand
students...
Then,
Fred Baker <[EMAIL PROTECTED]> writes:
> I don't know if you are aware of it, but there is a very simple
> algorithm for determining what the "conference hotel" will be for any
> given meeting. Ask what city it is in, and find out what the largest
> hotel is.
>
>
> We are already going to the la
For an alternate rendering of the agenda, see
http://www.aciri.org/fenner/0mtg-agenda.html
Bill
I find it amazing (well, probably not so amazing)
that we are re-hashing this every few years.
It looks like NAT's are a fact of life, and we
just need to figure out how to deal with them.
- paul
At 07:59 PM 12/15/2000 -0500, Scott Bradner wrote:
>I will admit to some level of confusion
>the s
"Henning G. Schulzrinne" wrote:
>
> In case the IETF is truly desperate: We could also rent out a major
> university during the summer and stick everybody in dorm rooms - that
> should be enough to discourage the tourists and evoke the roots of the
> Internet :-)
Many a true word is said in je
> "Scott" == Scott Bradner <[EMAIL PROTECTED]> writes:
Scott> the use of private addresses - something that a whole lot of
Scott> firewalls also do - howcum the subject line is not "NATs &
Scott> Firewalls are evil!" or "use of private addresses is evil!"?
Not all firewalls do
At 12:24 PM 12/15/00 -0800, Fred Baker wrote:
>I have asked the Secretariat to advise me, quantitatively, of the
>implications of making that leap. I can tell you up front that it has
>implications for either the meeting fee or the corporate sponsorship.
And that impact is precisely why I phra
How about this, practicality. Let's say we can kill all NAT's by sunset,
Sunday. Who can make stop all the NAT's poping up Monday morning? They
might be up all night building experimental network, with red eyes?
Pan Jung
-Original Message-
From: Iliff, Tina [mailto:[EMAIL PROTECTE
> "Joel" == Joel Jaeggli <[EMAIL PROTECTED]> writes:
Joel> I've recieved 3 dozen or so responses from people on the mailing
Joel> list who have automated vacation scripts. Please if you must use a
Joel> vaction script on your mail either unsubscribe from the mailing
Joel> list
> "Jon" == Jon Crowcroft <[EMAIL PROTECTED]> writes:
Jon> note that a major problem with the little wortk that is done is that
Jon> its not often done in realistic topologies - this is a problem with
Jon> ISPs who wont let people get at the data (or the traffic traces) so
Jon>
> "Sean" == Sean Doran <[EMAIL PROTECTED]> writes:
Sean> I should have waited until Perry had spoken, because now that he
Sean> has pointed out the extreme cost of NAT, I have seen the light!
Sean> NATs are expensive. They have gross side-effects. Even Noel
Sean> Chiappa, m
After discussions with Scott Bradner, I have set up a mailing list at
http://lists.cs.columbia.edu/mailman/listinfo/siglite
to discuss interest in possibly having a BOF on light-weight approaches
to network-layer signaling for QoS, network state setup, pricing
information and related topics. The
> Surely the "much pain" is because, as Melinda Shore indicates,
> some "anti-NAT fanatics" cannot understand the distinction
> between "who" and "where"?
sounds like a Peter Pan theory
okay, everbody, close your eyes and try *real hard* to make believe
that you can route between networks u
> this focus on NATs seems to be an incomplete statement of the problem
a complete statement of the problem is quite difficult, especially given
that the problem can be viewed in many different ways (without any of
them being contradictory with the others), each of these views being
illuminating
> It looks like NAT's are a fact of life, and we
> just need to figure out how to deal with them.
well, that's the question after all - how best to deal with them?
I claim that NATs are architecturally bankrupt and we should therefore
devote as little energy as possible toward legitimizing NATs
59 matches
Mail list logo
