[41378] in North American Network Operators' Group
RE: Where NAT disenfranchises the end-user ...
daemon@ATHENA.MIT.EDU (Jim Shankland)
Fri Sep 7 14:31:40 2001
Date: Fri, 7 Sep 2001 11:33:01 -0700
Message-Id: <200109071833.LAA30304@ndk.shankland.org>
From: Jim Shankland <nanog@shankland.org>
To: "Mike Batchelor" <mikebat@tmcs.net>
Cc: <nanog@merit.edu>
In-Response-To: <LLEOLJEDPHOFANPCPKOMGEHECEAA.mikebat@tmcs.net>
Errors-To: owner-nanog-outgoing@merit.edu

"Mike Batchelor" <mikebat@tmcs.net> writes:
> Oh yes, the firewall. That convenient device that network software
> developers can assume will always pass port 80 and 443 traffic. So
> everything uses port 80 and 443 in the future Internet, and we're all the
> better for it.

Um, sure, but what are you arguing? That firewalls are useless and
should all go away? (Good luck.) That firewalls don't really exist :-)?

I'm simply saying that those who cite the "fundamental principle of
end-to-end connectivity" are describing a world that does not, in fact,
exist today; and that reality appears to be diverging from, rather than
converging toward, that world. Pretending that NAT and firewalls don't
exist, and hectoring the world to change, in the name of a "fundamental
principle", isn't going to work -- at least, that's my humble prediction :-).

Maybe it would be useful to design a base protocol that would
provide a standardized method for things like passing an <address,
port> tuple, or registering a desire to receive packets on a
particular UDP port -- the kind of things that gamers, e.g., want, and
that are tricky to make work through a NAT. Games, etc., could be
written on top of this base protocol, and NATs and firewalls could
be made to be aware of that protocol. Just a thought; any
merit to it?

Jim Shankland