the alleged evils of NAT, was Rate of growth on IPv6 not fast enough?

Owen DeLong owen at delong.com
Tue Apr 27 13:41:05 CDT 2010


On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:

> Andy Davidson wrote:
>> On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
>>  
>>>> Did you use Yahoo IM, AIM, or Skype?
>>>>      
>>> Yes, yes, and yes.  Works fine.
>>>    
>> 
>> What about every other service/protocol that users use today, and might be invented tomorrow?  Do & will they all work with NAT?
>>  
> 
> Anyone inventing a new service/protocol that doesn't work with NAT isn't planning on success.

Respectfully, I disagree.  There are many possible innovations that are available in a NAT-less world and it is desirable to get to that point rather than hamper future innovation with this obsolete baggage.

>> Do many others work as well or act reliably through NAT?
>>  
> Yes.

In reality, it's more like some yes, some not so much.

>> Will it stop or hamper the innovation of new services on the
>> internet?
>>  
> Hasn't so far.

Here I have to call BS... I know of a number of cases where it has.

>> The answer to these questions isn't a good one for users, so
>> as the community that are best placed to defend service quality
>> and innovation by preserving the end to end principle, it is our responsibility to defend it to the best of our ability.
>>  
> Firewalls will always break the end-to-end principle, whether or not addresses are identical between the inside and outside or not.

Yes and no.  Firewalls will always break the idea of global universal end-to-end reachability.

They do not break the end-to-end principle except when NAT is involved.

The end-to-end principle is that the original layer 3+ information arrives at the layer 3 destination un-mangled by intermediate devices when it is a permitted type of traffic. Blocking unwanted flows does not break the end-to-end principle. Maiming and distorting data contained in the datagram, including the headers, on the other hand does break the end-to-end principle.

>> So get busy - v6 awareness, availability and abundancy are
>> overdue for our end users.
>>  
> Maybe. Most of them are perfectly happy.
> 
This word Most, it does not mean what you appear to think it means.

Owen
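
The distinction drawn in the message above between blocking a flow and rewriting a datagram, shown as an added example that is not part of the original message: a filter either delivers the bytes unchanged or drops them, while source NAT alters the IP and UDP headers in transit. All addresses, ports and function names are constructed for illustration.

```python
import ipaddress
import struct

def csum(data: bytes) -> int:
    """RFC 1071 Internet checksum over an even-padded byte string."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build(src, dst, sport, dport, payload: bytes) -> bytes:
    """Minimal IPv4 + UDP datagram with valid checksums."""
    s, d = ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed
    ulen = 8 + len(payload)
    pseudo = s + d + struct.pack("!BBH", 0, 17, ulen)
    udp = struct.pack("!HHHH", sport, dport, ulen, 0) + payload
    udp = udp[:6] + struct.pack("!H", csum(pseudo + udp) or 0xFFFF) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + ulen, 0, 0, 64, 17, 0, s, d)
    return ip[:10] + struct.pack("!H", csum(ip)) + ip[12:] + udp

def parse(pkt: bytes):
    """Return (src, dst, sport, dport, payload) of a datagram from build()."""
    src, dst = (str(ipaddress.ip_address(pkt[i:i + 4])) for i in (12, 16))
    sport, dport = struct.unpack("!HH", pkt[20:24])
    return src, dst, sport, dport, pkt[28:]

def firewall(pkt: bytes, allowed_dports):
    """Filter: permitted traffic is delivered byte-for-byte, the rest dropped."""
    return pkt if parse(pkt)[3] in allowed_dports else None

def nat(pkt: bytes, public_ip: str, public_port: int) -> bytes:
    """Source NAT: rewrite source address and port, recompute both checksums."""
    _, dst, _, dport, payload = parse(pkt)
    return build(public_ip, dst, public_port, dport, payload)

def changed_offsets(a: bytes, b: bytes):
    """Byte offsets at which two equal-length datagrams differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

# Constructed sample datagram (RFC 5737 documentation addresses).
SENT = build("10.0.0.5", "198.51.100.20", 40000, 5000, b"hello")

if __name__ == "__main__":
    print("filtered, permitted:", firewall(SENT, {5000}) == SENT)
    print("filtered, blocked:  ", firewall(SENT, {53}))
    natted = nat(SENT, "203.0.113.7", 61001)
    print("NAT changed offsets:", changed_offsets(SENT, natted))
```

The changed offsets all fall in the header fields (IP checksum, source address, UDP source port, UDP checksum); the payload is the same, but the receiver no longer sees the layer 3 and layer 4 information the sender wrote.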




