Re: IESG position on NAT traversal and IPv4/IPv6

Martin Rex <mrex@sap.com> Tue, 16 November 2010 00:21 UTC

Return-Path: <mrex@sap.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 108CE28C1FE for <ietf@core3.amsl.com>; Mon, 15 Nov 2010 16:21:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.085
X-Spam-Level:
X-Spam-Status: No, score=-10.085 tagged_above=-999 required=5 tests=[AWL=0.164, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lyaME5IvpiN7 for <ietf@core3.amsl.com>; Mon, 15 Nov 2010 16:21:49 -0800 (PST)
Received: from smtpde02.sap-ag.de (smtpde02.sap-ag.de [155.56.68.140]) by core3.amsl.com (Postfix) with ESMTP id 08E4E28C1F6 for <ietf@ietf.org>; Mon, 15 Nov 2010 16:20:03 -0800 (PST)
Received: from mail.sap.corp by smtpde02.sap-ag.de (26) with ESMTP id oAG0Kdjr019545 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 16 Nov 2010 01:20:39 +0100 (MET)
From: Martin Rex <mrex@sap.com>
Message-Id: <201011160020.oAG0KbUl026245@fs4113.wdf.sap.corp>
Subject: Re: IESG position on NAT traversal and IPv4/IPv6
To: mohta@necom830.hpcl.titech.ac.jp
Date: Tue, 16 Nov 2010 01:20:37 +0100
In-Reply-To: <4CE12517.4080908@necom830.hpcl.titech.ac.jp> from "Masataka Ohta" at Nov 15, 10 09:18:31 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Scanner: Virus Scanner virwal08
X-SAP: out
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: mrex@sap.com
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Nov 2010 00:21:56 -0000

Masataka Ohta wrote:
> 
> Jari Arkko wrote:
> > 
> > NAT/FW traversal is also important even 
> > with IPv6, as you may have a firewall even in IPv6 (or be going through 
> > a NAT64).
> 
> FYI, traversable firewall is, by definition, broken.

The reason why the internet hasn't completely collapsed by now
(with half of the nodes being PC drones) are the use of
firewalls&NATs to seperate "internal" networks from the internet,
be it home, organizational or governmental.

Try to convince folks to completely remove all outside doors,
windows, window gates, curtain, blinds, flyscreens from
their home to "leverage" many convenient un-restricted openings
to the interior of the house.  I doubt you mind a lot of followers,
and some of those who do might quickly and painfully find out that
the original access scheme to their house did have a few non-marginal
advantages for life, limb and property.


If your plan is to further delay IPv6 as long as possible, then
making it dependent on unrestricted end-to-end IPv6 connectivity
might be the most reliable approach to ensure the maximum pain
and resistance.


-Martin