Lixia Zhang wrote:

> I believe that people in general agree that applications should not use
> IP address for referrals.

I don't know which people you're referring to there, but that's absolutely not the case for application developers. In the current internet, use of IP addresses for referrals is essential. And in fact every application that uses DNS does exactly that.

It's all well and good to imagine a world where there would be a clear ID-LOC separation. But we've never created such a world, and we don't currently have an ID-LOC mapping layer that is good enough to use by all applications. DNS falls short in many ways. And as long as there is not a universal mapping layer that is aware of things like NATs and mobility, and for that matter as long as there are devices that impose arbitrary limitations on traffic flow (e.g. connections have to be initiated from "inside"), there will be a need for applications to deal explicitly with IP addresses. Sure it's ugly but it's the best that applications can do.

> As RFC1958 "Architectural Principles of the Internet" (June 1996) stated:
>
> 4.1 Avoid any design that requires addresses to be hard coded or
> stored on non-volatile storage (except of course where this is an
> essential requirement as in a name server or configuration server).
> In general, user applications should use names rather than addresses.

Yes, that's in there. The last sentence was a stretch even in 1996, and it's simply incorrect as applied to the current Internet. (Note that NATs were not so widely deployed in 1996 as they are now.)

Saying that applications should use names rather than addresses, especially in the context of a NATted Internet, is tantamount to saying (a) that we have perfect faith in DNS to reliably map names to addresses at all times, in all realms, and that DNS RRs will never leak across realm boundaries, and (b) that we have perfect faith that any address pair chosen by the host stack for communication will continue to function for the entire lifetime of the association. Both of those assumptions would clearly be naive today.

> Maybe it's too late so my brain got foggy, however between these two
> issues,
>
> (1) keeping user packets intact as they transit through the network, and
> (2) applications using address for referral
>
> I do not see that (2) is a consequence of (1), as you seem to believe.

Part of what we mean by "transparency" is that applications should not have to care about how the network routes packets or the way it is connected. In the original Internet there was a clear separation of function - the applications generated messages to send to each other, then the network made a "best effort" to route those messages to their intended destinations. That's no longer true today. And as long as there are NATs in the network (or for that matter other devices that violate the "best effort" model), some applications will be forced to care about such things. Part of the way they learn about such things today is by looking at endpoint addresses, and part of the way they deal with such things today is by using addresses for referral.

Keith