Re: [nat66] Necessity for NAT remains in IPv6

Roger Marquis <marquis@roble.com> Wed, 11 November 2009 18:19 UTC

Keith Moore wrote:
>> network edge) but only without NAT.
> When NAT breaks the ability of the endpoints to use the connection at
> all, whether it's authorized or not, whether the flow can be validated
> by a firewall is irrelevant.

If this statement were to hold water it would also have to apply to
statefulness:

   When statefulness breaks the ability of the endpoints to use the
   connection at all, whether it's authorized or not, whether the flow can
   be validated by a firewall is irrelevant.

Are you disputing that?  In other words, if NAT is bad because it breaks
protocols how is statefulness any different?

>> Can you give us an example?  Is there a protocol in use in the real world
>> which ingress flows can be validated by a state-keeping firewall (at the
> Also, your notion of the "real world" is one which is deliberately
> broken via NAT, so of course nothing exists in your "real world" that
> suits your criteria.

My notion of the real world is broken?  Please do explain.  Real world use is
just what it is, has nothing to do with any individual.

And thank you for admitting the truth, that NAT breaks nothing in real
world use.

Roger Marquis