Re: [lisp] LISP Interworking: Proxy Egress Tunnel Routers

["Joel M. Halpern" <jmh@joelhalpern.com>]

(Using Noel's response as a hook for a related point.  I don't disagree 
with him.)

A further complication is that in order for a site to have the option of 
avoiding LISP-NAT, someone else has to have sufficient deploy RITRs and 
PETRs that the sites outbound traffic has PETRs to use, and that inbound 
legacy traffic has PITRs to use.

So, unless there is a deployment model in which PITR and PETR 
deployments make economic sense, LISP will be dependent upon LISP-NAT. 
I for one do not consider NAT a solution worth offering the world.
(That sentence assumes all sorts of aspects of LISP goals, deployment 
and usage.  Your mileage may differ.)

Yours,
Joel

Noel Chiappa wrote:
>     > From: "Darrel Lewis (darlewis)" <darlewis@cisco.com>
> 
>     > I personally prefer both Proxy ITRs and Proxy ETRs to NAT, but your
>     > mileage may vary! :-)
> 
> Well, funny you should say that, because I was thinking, after I sent the
> previous message, that it is of course always better to avoid NAT if you can;
> because NAT mangles packets (which breaks some things, including some kinds of
> IPSec, for instance), and won't always work (e.g. for protocols which won't
> work through NATs, e.g. if they have embedded addresses, etc).
> 
> So LISP-NAT is not actually a 100% replacement for a PETR if you're on a uRPF
> ISP. (Did I just set some sort of jargon record in that sentence? :-)
> 
> 	Noel
> _______________________________________________
> lisp mailing list
> lisp@ietf.org
> https://www.ietf.org/mailman/listinfo/lisp
>