On 5-apr-2006, at 17:09, Michel Py wrote:
> By far, the volume of traffic is peer-to-peer (mostly questionable in
> terms of copyright). All major P2P apps for the most widely used
> protocols (bittorrent, edonkey etc) cross NAT nicely, most have UPNP
> support (no configuration of the NAT box) and some even have external
> NAT traversal mechanisms that don't even require to open a port.
> Breaking games and other low-volume apps serves no purpose.

This sounds a lot like "NAT doesn't really break anything". If I
pretend I'm a regular user for a minute, I can tell you this is not
the case. When I used NAT for my Powerbook I had lots of problems
doing videochats with Apple's iChat with someone else who was also
behind NAT. Even when I configured the single real IP address I got
on my Powerbook (very tricky because there was a Cisco SOHO box
terminating a PPPoA ADSL link in the middle) it still didn't work
very reliably. RTSP with Quicktime didn't work when the Cisco 82x did
the NATting, but it would when an Apple Airport Extreme performed NAT.

Peer-to-peer isn't a good example, because of the high built-in
redundancy. Even someone who can only set up outgoing sessions can
run BitTorrent without too much trouble because there are plenty of
peers without NAT or port mappings of some kind (manual, UPnP or
NAT-PMP) that can receive the incoming sessions. When the sessions are
up, traffic can flow both ways. However, if you read forums or
release notes you'll see lots of discussion on port mapping because
being able to receive incoming session setup attempts means that you
get to connect to more peers (all of them, without port mapping only
others that are not behind NAT or do have port mapping) so your
downloads are faster.

Given the marketplace realities the IETF should be careful to make
its protocols interoperate with NAT whenever possible, but don't
think for a minute that adding NAT workarounds solves the problem
completely. Here in the Netherlands ISPs generally give out a single
real IP address to their customers, but most customers use a DSL or
cable modem with NAT or an additional NAT router or wireless base
station so they can connect more than one computer. Despite some
individual reports to the contrary, I believe the same is true for
most IP users.

However, some ISPs already perform NAT for their customers in their
network, and that's only going to increase as IPv4 addresses become
more scarce and eventually run out completely. At that point, many
people will be behind two layers of NAT. Also, reserving ports will
be very hard because many systems share one real IP address. Maybe
it's just me, but I don't see the IETF or anyone else for that matter
coming up with something that allows communication between two people
who are both behind two layers of NAT with any modicum of reliability.

So in addition to supporting NAT where reasonably possible, the IETF
should also continue to plan for a future where there is enough
address space to make NAT unnecessary. However, universal
reachability isn't coming back even if NAT is out of the picture
because people love to run firewalls that break way more stuff than
intended.
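The connectivity argument in the message above (a session needs one side that can receive the incoming attempt; a NATted peer without a mapping can only reach public or mapped peers; two peers behind double NAT cannot reach each other) can be written down as a small model. The code below is an added illustration for this archive page, not code from the thread or from any BitTorrent client; the peer categories follow the message, the swarm is constructed sample data, and the assumption that a double-NAT peer can never hold a usable port mapping is the message's own argument stated as a rule.

```python
from dataclasses import dataclass
from enum import Enum


class Reach(Enum):
    """Where a peer sits relative to NAT; the categories are the ones the
    message above distinguishes."""
    PUBLIC = "public address, no NAT"
    NAT_MAPPED = "behind one NAT with a port mapping (manual, UPnP or NAT-PMP)"
    NAT_UNMAPPED = "behind one NAT, can only open outgoing sessions"
    DOUBLE_NAT = "behind ISP NAT and a home NAT, no usable mapping"


@dataclass(frozen=True)
class Peer:
    name: str
    reach: Reach

    def accepts_incoming(self) -> bool:
        """Only a public host or a mapped port can be the passive side of a
        session. Modelling assumption (taken from the message): a double-NAT
        peer cannot reserve a port on the shared outer address, so it never
        accepts incoming session attempts."""
        return self.reach in (Reach.PUBLIC, Reach.NAT_MAPPED)


def can_session(a: Peer, b: Peer) -> bool:
    """A session comes up if at least one side can receive the connection
    attempt; once it is up, data flows both ways, so the relation is symmetric."""
    return a.accepts_incoming() or b.accepts_incoming()


def reachable_peers(me: Peer, swarm: list[Peer]) -> set[str]:
    """Names of the swarm members 'me' can exchange data with."""
    return {p.name for p in swarm if p is not me and can_session(me, p)}


def swarm_report(swarm: list[Peer]) -> dict[str, int]:
    """Peer name -> number of other peers it can connect to."""
    return {p.name: len(reachable_peers(p, swarm)) for p in swarm}


def sample_swarm() -> list[Peer]:
    """Constructed example swarm (not measured data): a few peers of each kind."""
    return [
        Peer("pub1", Reach.PUBLIC),
        Peer("pub2", Reach.PUBLIC),
        Peer("map1", Reach.NAT_MAPPED),
        Peer("map2", Reach.NAT_MAPPED),
        Peer("nat1", Reach.NAT_UNMAPPED),
        Peer("nat2", Reach.NAT_UNMAPPED),
        Peer("nat3", Reach.NAT_UNMAPPED),
        Peer("dbl1", Reach.DOUBLE_NAT),
        Peer("dbl2", Reach.DOUBLE_NAT),
    ]


if __name__ == "__main__":
    swarm = sample_swarm()
    for name, count in swarm_report(swarm).items():
        print(f"{name:5s} can connect to {count} of {len(swarm) - 1} other peers")
```

Running it shows the asymmetry the message describes: the public and mapped peers reach everyone, while the unmapped and double-NAT peers reach only the four peers that accept incoming sessions, and an unmapped peer paired with a double-NAT peer gets no session at all. As the share of double-NAT peers in a swarm grows, the reachable set for every unmapped peer shrinks with it, which is the message's point about ISP-side NAT.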
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf