IETF Logo Mail Archive

Re: [v6ops] double nat

Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 02 October 2012 12:27 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5368221F8ABD for <v6ops@ietfa.amsl.com>; Tue, 2 Oct 2012 05:27:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.56
X-Spam-Level:
X-Spam-Status: No, score=-103.56 tagged_above=-999 required=5 tests=[AWL=0.039, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G4xabrltR5kJ for <v6ops@ietfa.amsl.com>; Tue, 2 Oct 2012 05:27:22 -0700 (PDT)
Received: from mail-ie0-f172.google.com (mail-ie0-f172.google.com [209.85.223.172]) by ietfa.amsl.com (Postfix) with ESMTP id CC80521F8ABB for <v6ops@ietf.org>; Tue, 2 Oct 2012 05:27:22 -0700 (PDT)
Received: by iec9 with SMTP id 9so16709451iec.31 for <v6ops@ietf.org>; Tue, 02 Oct 2012 05:27:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=kNAedVrh1g8to7uIBqmlUXJTUKH8Kt2uKnqLdHjMmzc=; b=KBTGFZmfIkNt+xunAnzg3oixT8m4++RERrioEuQJ7NZvCOJyHOszOUYBiypk/zz47G uRJdmeOHXP5ZopeJtEovEY5AJexxvhashCM2EBxe4CDqcW8fyAlutxlVTnsKqtCDP/Rp MGmw3cjYcA636KGOQKOaqrym6wn6Ac4xxc8ZPAXDo7iTroRlq08xcADvHHpIbuFSZVln k5RZllIKyKcWPSOWK7f+0dEL/GveQKymCZ7+YehkQD/kazRtuHnls0S/CVBeMj+4eF5i PD4GIyYhqHBlECGSNK/2x1ICCLLSHxkpRAIaHJUKnaOlET+QhbKv0H0mL6m9b7hbrviZ W7Jg==
Received: by 10.50.100.225 with SMTP id fb1mr8483397igb.12.1349180842399; Tue, 02 Oct 2012 05:27:22 -0700 (PDT)
Received: from [10.255.25.102] (50-76-68-140-static.hfc.comcastbusiness.net. [50.76.68.140]) by mx.google.com with ESMTPS id q1sm691290igj.15.2012.10.02.05.27.21 (version=SSLv3 cipher=OTHER); Tue, 02 Oct 2012 05:27:21 -0700 (PDT)
Message-ID: <506ADDA6.3030702@gmail.com>
Date: Tue, 02 Oct 2012 13:27:18 +0100
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Randy Bush <randy@psg.com>
References: <m2lifpnpvf.wl%randy@psg.com>
In-Reply-To: <m2lifpnpvf.wl%randy@psg.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: IETF v6ops list <v6ops@ietf.org>
Subject: Re: [v6ops] double nat
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2012 12:27:23 -0000

On 02/10/2012 11:13, Randy Bush wrote:
> so, is double nat really worse than single nat?  is it formally
> different?  except in the case of overlapping spaces, of course.
> 
> draft-donley-nat444-impacts-04.txt seems to back off reports of
> application issues.  anyone care to swing the clue by four as to
> where multiple layers of nat are formally worse than one layer?

If you think the referrals problem is serious, multiple NAT makes it
worse by creating additional addressing realms.

The probability of losing a session due to NAT state loss is presumably
greater when there are more NATs on the path.

   Brian

v2.23.0 | Report a Bug | By Email