This might sound like a completely off the wall suggestion. But is it possible that we could use an IPv4 extension header to carry the internal address of a NAT-ed host in some way and thus preserve end-to-end addressability?
Assume for the sake of argument that we have a secure DNS deployed and that this scheme makes it efficient to publish policy records for protocols. [I have a detailed justification for why this is possible]. Such that when a client attempts to connect to the http protocol for www.example.com it is going to receive back a DNS record chain from its resolver that includes:
A 18.1.1.1
AA 18.1.1.1.10.1.0.0
_http._tcp ESRV "IP=a+aa+aaaa"
If the application is going to use the AA record it has to have an IPv4.1 stack. This causes it to emit IPv4 packets where the first four bytes are sent in the IPv4 header and the remaining four bytes are sent as a header option.
The NAT box at 18.1.1.1 now has all the information it requires to allow complete transparency in either direction.
Clients can connect to a server behind a NAT box provided only that they have a current IP stack.
I can even provide a pretty good solution to Brian's mobility/referral problem. Say that there are 256 points of presence, each of which has a distinct IPv4 address. All we need to do is to tell the mobile device when to change its Internet point of presence address. The target need not know that the gateway has been changed.
Of course one objection that would be made against this is likely to be that it solves the problem a bit too well and eliminates the need for IPv6 entirely. The other objection is going to be that we are now so far into the deployment of IPv6 that 'it is too late to change'.
_______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf