Celebrating NAT Was: Tolerance

On Tue, Jul 16, 2019 at 7:09 PM Melinda Shore <melinda.shore@xxxxxxxxx> wrote:
> On 7/16/19 2:39 PM, Doug Royer wrote:
> > You can not achieve your goal when you quit. How important are your
> > goals to you?
>
> It seems to me that driving away people with energy and
> ideas because they're not willing to deal with the tone of
> discussions here (and let's be clear: there are no longer
> very many organizations in which abusive language or behavior
> is tolerated) and leave, either to focus on implementation
> or to take their work to another body, the IETF is the loser,
> not the person who left.  I worry about several factors
> degrading the quality of our output and this is certainly one
> of them.

It is probably worthwhile recalling that the Web was originally standardized in IETF. Most of it has left IETF because of the culture issue. Cross area review sounds like a great idea until you end up with people insisting on adding prefixes to distinguish URNs from URLs in the mistaken belief that they are disjoint categories and refusing to accept they are not.

On the NAT issue, Keith and others were not so nuanced or for that matter polite back in the days when we ended up destroying the utility of IPSEC on account of their opinion.

I get the fact that some people are desperate to deploy IPv6 and DNSSEC. Really, I do. No, I really, really do get that people imagine that tying some piece of functionality to one or the other is going to help deployment. That does not mean that they are right or that they should get their way even if they were.


The reason I deployed NAT in 1997 was simple: my broadband provider charged $10/mo for every extra IPv4 address. I saw all the nattering about NATs as frankly an abuse of process to steal money from me and every other Internet user. It was obvious that 99.9% of users would do exactly the same.

I do not have a nuanced opinion on NAT. I believe it is here to stay so whether or not it is a good thing is irrelevant. But NAT is in fact useful even in a pure IPv6 network. I don't want to argue that NAT should be tolerated, it should be celebrated. Here is why.


The user problem we have to solve here is that we don't have enough IPv4 addresses for every user in the world to have a unique one. We have already got more users than there are addresses.

We do however have enough IPv6 addresses to give one to every user and the stock of IPv4 addresses is sufficient to support the number of Internet hosts that provide services and this should be sufficient till 2050 or so if not longer.


The Internet is a network of networks. The only technical mandate of the original Internet was that Internet Protocol be the only protocol used between the networks joined to the Internet. That protocol used to be IPv4 and it is becoming IPv6.

The idea of IP protocol was not part of the original architecture, it came later and for the obvious reason that there is no particular advantage to switching network protocols at the network/internetwork boundary. But it certainly doesn't follow from the fact that we run IP protocol in the network and across the inter-network that the IP addresses should be constant end to end.

If I have a device on my network that I wish to be an internet connected device that can talk to any other internet device, then it obviously needs IPv6 because it needs to be able to address any device on the Internet and there are more than 2^32 devices already. But most devices only need to connect to a service. My Internet connected blender (talk on Thursday) does not need to talk to every other blender on the planet. It only needs to talk to one service.


So rather than trying to insist on phasing out IPv4, we would do much better to embrace NAT and actively promote, enthusiastically and unreservedly, a scheme in which they are the agent enabling change that meets the real near term need which is that a user who is on an IPv6 only or an IPv6 with a limited share of an IPv4 gets the exact same Internet service and benefits as a user with a full IPv4.

* Each residence gets an IPv6/104 (or better)
* Every device is assigned an address in 10.x.x.x
* Devices speak IPv4 to each other inside the network.
* Dual stack devices can contact any Internet server without restriction.
* Single stack IPv4 devices can only contact devices inside the network unless they have help.
* Devise mechanisms that reduce the amount of state that an IPv4 device needs to contact Internet devices to the bare minimum and allow the NAT to transport these on IPv6 rather than IPv4 to limit the need for IPv4 addressing at the residence.

My proposal may not look pretty to some but it is essentially the strategy the industry is adopting regardless of IETF opinion. So why didn't it happen this way?

Well, one reason was that people like me who made this proposal were bullied. And when we responded to the bullying we were treated the same way that women often complain of being treated when they make proposals. We were accused of not being respectful and so on. And then when people took the ideas we proposed and adopted them, nobody came back and said 'well you were right'.

Right behind me is a 36" plotter that would cost me $3500 to replace. It only works on an IPv4 interface. There is absolutely no circumstance in which I am upgrading that machine just for the sake of IPv6. Now rather than trying to persuade me to act in a way no ordinary Internet user is ever going to act, please take my refusal to do so as an example of the general case.


One of the things I find bizarre about IETF discourse is that there are people who insist that we have to maintain backwards compatibility with the PDP/11 era and there are people who advocate a forklift upgrade of the entire Internet to support IPv6, and they are the SAME PEOPLE.

