IETF Logo Mail Archive

Re: [NSIS] NATFW NSLP; using REA mode for blocking data flows

Martin Stiemerling <stiemerling@netlab.nec.de> Thu, 04 May 2006 13:57 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FbeKH-0002uZ-LD; Thu, 04 May 2006 09:57:05 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FbeKG-0002uU-Qu for nsis@ietf.org; Thu, 04 May 2006 09:57:04 -0400
Received: from kyoto.netlab.nec.de ([195.37.70.21]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FbeKF-0004of-Cf for nsis@ietf.org; Thu, 04 May 2006 09:57:04 -0400
Received: from [10.1.1.109] (mito.netlab.nec.de [195.37.70.39]) by kyoto.netlab.nec.de (Postfix) with ESMTP id 0DB291BAC4D; Thu, 4 May 2006 15:50:50 +0200 (CEST)
In-Reply-To: <4443F69F.9000708@uni-tuebingen.de>
References: <4443F69F.9000708@uni-tuebingen.de>
Mime-Version: 1.0 (Apple Message framework v749.3)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <4D167603-348A-48BA-AB2E-634153ACF4F6@netlab.nec.de>
Content-Transfer-Encoding: 7bit
From: Martin Stiemerling <stiemerling@netlab.nec.de>
Subject: Re: [NSIS] NATFW NSLP; using REA mode for blocking data flows
Date: Thu, 04 May 2006 15:57:01 +0200
To: Ali Fessi <ali.fessi@uni-tuebingen.de>
X-Mailer: Apple Mail (2.749.3)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7aafa0432175920a4b3e118e16c5cb64
Cc: nsis <nsis@ietf.org>
X-BeenThere: nsis@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Next Steps in Signaling <nsis.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:nsis@ietf.org>
List-Help: <mailto:nsis-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=subscribe>
Errors-To: nsis-bounces@ietf.org

Hi Ali,

I have been away on vacation and now catching up with the emails.

The name REA (RESERVE-EXTERNAL-ADDRESS) has its roots in the time of  
reserving a public reachable IP address at a NAT. The semantics of  
this REA message has changed over time and does now include firewalls  
as well.

We have had some proposals for a new name of REA, but none of them  
could ultimately convince. My current reading for REA is, that in any  
case (NAT or firewall) you do reserve the external reachable IP  
address. For the NAT case, this is the public reachable IP address;  
for the firewall case this is the globally routable IP address of the  
host (or one of these addresses). Both "types" of addresses are  
external addresses.

However, if somebody has a good proposal for another name describing  
the semantics in a better way -- send it NOW. (yet another naming  
contest :-)

   Martin

Am 17.04.2006 um 22:12 schrieb Ali Fessi:

> Hi all,
>
> the REA mode (Reserving External Address) was originally called REA  
> mode because it is used by hosts behind a NAT to reserve a publicly  
> reachable IP address (and port number).
>
> Now, the REA mode is also used by hosts behind a firewall to signal  
> to a firewall for blocking data traffic.
>
> Although from functionality point of view, it might be fine to use  
> the same name for these two similar functionalities; but from  
> terminology point of view, this is rather confusing to signal for  
> blocking data traffic and call it "REA mode".
>
> So, why not use a different name that matches more the  
> functionality, something like "BLOCK mode" for example?! This would  
> make it easier for the readers to understand.
>
> Cheers,
> Ali
> -- 
> Ali Fessi
> University of Tuebingen, Germany
>
> _______________________________________________
> nsis mailing list
> nsis@ietf.org
> https://www1.ietf.org/mailman/listinfo/nsis


_______________________________________________
nsis mailing list
nsis@ietf.org
https://www1.ietf.org/mailman/listinfo/nsis

v2.23.0 | Report a Bug | By Email