[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lisp] LISP-NAT - explanation and support?

From: Robin Whittle <rw at firstpr.com.au>
To: lisp at ietf.org
Date: Tue, 22 Sep 2009 14:53:18 +1000

Short version:   Can anyone explain exactly how LISP-NAT is
                 supposed to work, what it is useful for (especially
                 in terms of what it can do which other approaches
                 can't) and what its limitations are?

                 Does anyone argue that LISP-NAT will actually
                 be useful enough to be adopted?

                 If there isn't sufficient support for LISP-NAT
                 I would welcome at least a tentative consensus that
                 it be relegated to some kind of historic status,
                 unless it someone significantly revises it.  This
                 would avoid LISP-NAT turning up in future
                 discussions as if it was practical and desirable
                 when (I think) most people believe it is not.

I have never been able to understand how LISP NAT would work, and
have written critiques of it in the past.

Noel wrote:

 http://www.ietf.org/mail-archive/web/lisp/current/msg01550.html

> . . . it is of course always better to avoid NAT if you can;
> because NAT mangles packets (which breaks some things, including
> some kinds of IPSec, for instance), and won't always work (e.g.
> for protocols which won't work through NATs, e.g. if they have
> embedded addresses, etc).
>
> So LISP-NAT is not actually a 100% replacement for a PETR if you're
> on a uRPF ISP.

In the next message, Joel wrote:

> So, unless there is a deployment model in which PITR and PETR
> deployments make economic sense, LISP will be dependent upon
> LISP-NAT. I for one do not consider NAT a solution worth offering
> the world.

So that's three people who are critical of LISP-NAT.


Darrel wrote (msg1545):

> Well, I personally prefer both Proxy ITRs and Proxy ETRs to NAT,
> but your mileage may vary! :-)

but in the previous message:

> If I could not get a PETR service 'close enough', I would use
> LISP-NAT for this (URPF avoidance) purpose.  As Dave pointed out
> in his email, a very interesting (to me) side effect of both
> Proxy ITRs and Proxy ETRs are that LISP sites see the benefits
> (ingress TE and protocol independent data plane) of LISP day one.
> Both I consider optional however, since LISP-NAT is an alternative.

Are there any good explanations, with examples, of how LISP-NAT would
work and be useful enough to be deployed and adopted?

   - Robin

Follow-Ups:
- Re: [lisp] LISP-NAT - explanation and support?
  - From: Darrel Lewis (darlewis)

Prev by Date: [lisp] Business models - PITRs, PETRs and EID-rental
Next by Date: Re: [lisp] LISP Interworking: Proxy Egress Tunnel Routers
Previous by thread: [lisp] Business models - PITRs, PETRs and EID-rental
Next by thread: Re: [lisp] LISP-NAT - explanation and support?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.