There are no NAT boxes on the Internet and never have been.

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 27 January 2015 17:40 UTC

Date: Tue, 27 Jan 2015 12:40:19 -0500
Message-ID: <CAMm+LwgUAZtLShdX+S7ZtfhFZrF5QxBCkwVvBZtL=UCN-Xt1WQ@mail.gmail.com>
To: IETF Discussion Mailing List <ietf@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/2vWEn0mqxYsL5dWXmncZEI5hILQ>

Since my paper was rejected, I did not attend the middlebox workshop.

But reading the back and forth on Facebook about it, and having spent
much of last week reading original sources on the architecture, I realized
that a lot of the problem seems to be the confusion between the use of
Internet Protocol in a network and in an Inter-Network.

Today we typically use the term 'Internet' in a very broad fashion to refer
to all devices that run IP. That is a fine use of the term but it is not
the sense in which it is used in making the end-to-end argument. On the
contrary, in that era there was a sharp distinction between the local
network and the inter-network and very few machines in a university campus
had a direct inter-network connection.

When I read arguments from folk saying middleboxes should be eliminated,
they seem to all be making arguments for the Inter-Network. We certainly
want to keep the Inter-Network free of middleboxen. And with the rare
exception of boxes designed to perform mass surveillance deployed in Iran,
Syria, Russia, Saudi Arabia and other dictatorial regimes, we have pretty
much succeeded.

The question is not whether there should be middleboxen in the
Inter-Network. The question is how to provide control of the local network.
And here my college tutor, Tony Hoare, was very insistent on collecting
security-related functions into one single control point that can be
properly coded and audited within an operating system. I think the same
principle holds for a network.

It does not hold for an inter-network because the definition of an
Inter-Network is that there is no central control point, which in turn means
that we can't implement certain security functions in the Internet (though
there are some functions, such as traffic analysis defense, that can only be
implemented there).