IETF Logo Mail Archive

Re: IPv4 Outage Planned for IETF 71 Plenary

Philip Matthews <philip_matthews@magma.ca> Thu, 20 December 2007 14:55 UTC

Return-path: <ietf-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1J5Mnd-0000tA-ID; Thu, 20 Dec 2007 09:55:01 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1J5Mnb-0000su-OE for ietf@ietf.org; Thu, 20 Dec 2007 09:54:59 -0500
Received: from mail6.primus.ca ([216.254.141.173] helo=mail-05.primus.ca) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1J5Mna-0007i6-W8 for ietf@ietf.org; Thu, 20 Dec 2007 09:54:59 -0500
Received: from [24.139.16.154] (helo=[10.0.1.3]) by mail-05.primus.ca with esmtpa (Exim 4.63) (envelope-from <philip_matthews@magma.ca>) id 1J5Mmx-0004lF-1k; Thu, 20 Dec 2007 09:54:19 -0500
In-Reply-To: <083201c84283$9e4489e0$dacd9da0$@net>
References: <E1J3IFS-0002yV-CG@ietf.org> <200712142154.lBELs1ne090300@drugs.dv.isc.org> <200712181644.lBIGisBx090029@romeo.rtfm.com> <476800BC.5030504@dcrocker.net> <38033976C354EAB237181075@[192.168.101.1]> <p06250103c38dc78214d8@[74.134.5.163]> <080c01c84276$ec9a79e0$c5cf6da0$@net> <tsl8x3qphdd.fsf@mit.edu> <083201c84283$9e4489e0$dacd9da0$@net>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <D9F2F3CF-684C-426C-8985-AF8B01463E64@magma.ca>
Content-Transfer-Encoding: 7bit
From: Philip Matthews <philip_matthews@magma.ca>
Date: Thu, 20 Dec 2007 09:54:53 -0500
To: Tony Hain <alh-ietf@tndh.net>
X-Mailer: Apple Mail (2.752.2)
X-Authenticated: philip_matthews@magma.ca - ([10.0.1.3]) [24.139.16.154]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f66b12316365a3fe519e75911daf28a8
Cc: Sam Hartman <hartmans-ietf@mit.edu>, ietf@ietf.org
Subject: Re: IPv4 Outage Planned for IETF 71 Plenary
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Errors-To: ietf-bounces@ietf.org

There is no special signaling to BEHAVE-compliant NATs.
Instead, the client behind the NAT sends a packet to some device on  
the public side of the NAT, and this causes the NAT to create state.   
This is the way all NATs work today.

Though there are not a lot of NATs today that are 100% BEHAVE  
compliant, for each BEHAVE recommendation, there are commercial NATs  
that follow that recommendation. So the BEHAVE specifications are  
really just a collection of the best current practices of NAT vendors.

Furthermore the STUN, TURN, and ICE protocols do not require any  
support at all from the intervening NATs, and are in fact designed to  
work with existing NATs, including those that are currently being  
used by ISPs to NAT their entire network.

- Philip


On 19-Dec-07, at 16:10 , Tony Hain wrote:

> Sam,
>
> While I understand the virtue in behave-compatible nats, how  
> realistic is it
> to believe that any service provider is going to allow a consumer to
> directly signal their infrastructure? This assumption was the  
> failing of
> RSVP as an endpoint qos tool.
>
> There is lots of noise about ISPs just putting up massive nat farms  
> to push
> their customers out, but when it comes right down to it there is no  
> way that
> will work for anything but the most trivial client apps. All of the
> assumptions about nat working today are built around local control  
> of the
> mappings. When that mapping function has to move to a third party,  
> all bets
> are off. Worse, when that third party has strong disincentives  
> which keep
> them from allowing their customers to punch holes, there is no  
> chance that
> apps will work. ISPs are disincented by even the simple issue of
> after-the-fact diagnostics being more complicated by dynamic  
> mappings, let
> alone the problem of conflict resolution between customers.
>
> Behave compatible nats are a nice concept for enterprises with  
> multiple
> levels of internal nat, but third-party trust issues will kill any  
> real
> deployment of a signaling based approach.
>
> Tony
>
>> -----Original Message-----
>> From: Sam Hartman [mailto:hartmans-ietf@mit.edu]
>> Sent: Wednesday, December 19, 2007 12:19 PM
>> To: alh-ietf@tndh.net
>> Cc: 'IETF Chair'; ietf@ietf.org; iaoc@ietf.org; 'John C Klensin';
>> dcrocker@bbiw.net; 'Pete Resnick'; iesg@ietf.org
>> Subject: Re: IPv4 Outage Planned for IETF 71 Plenary
>>
>>>>>>> "Tony" == Tony Hain <alh-ietf@tndh.net> writes:
>>
>>     Tony> the right experiment. It is not right because it does
>>     Tony> nothing positive, other than the threat -maybe- spurring
>>     Tony> some action. A more realistic experiment would be to run  
>> the
>>     Tony> entire week with a double-nat for IPv4 (and nats between  
>> the
>>     Tony> access points to simulate consumer-to-consumer
>>     Tony> configurations), where the most public one has  
>> absolutely no
>>     Tony> provision for punching holes (because realistically an ISP
>>     Tony> is not going to punch inbound holes for its customers, or
>>     Tony> allow them to).
>>
>> I strongly support this experiment and believe it would be a really
>> good idea to run.  I do think behave-compatible nats should be used,
>> but besides that, I think the experiment you propose is far more
>> valuable than the v6-only experiment.
>
>
> _______________________________________________
> Ietf mailing list
> Ietf@ietf.org
> https://www1.ietf.org/mailman/listinfo/ietf
>


_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email