[e2e] 0% NAT - checkmating the disconnectors
Dave Crocker
dhc2 at dcrocker.net
Tue Mar 7 10:12:53 PST 2006
James Kempf wrote:
>> Does anyone have any good thoughts on how to collectively create the
>> next generation *Inter* Net - one that actually provides the
>> interoperability that all of us old codgers dreamed was possible when
>> Licklider, Taylor, Englebart, etc. first imagined it and Vint Cerf and
>> Bob Kahn made it happen?
>>
>
> If you want it to be secure and open, keep the NATs out but put in place
> a legal/social/commercial solution for security, kind of an Internet
> CSI. One thing I think we should have learned from the Cold War is that
> depending only on technical measures for security just leads to arms races.
Let's consider something completely different:
Assume that a NAT represents more than just a device to do address
administration. Assume that it is part of a function that represents a desire of
internet operators to have a clear distinction between inside and outside.
To some extent, routers do the same thing. (Yes, NATs are more complex and are
stateful, but I'm going for a basic issue, here, so please just tolerate my
hand-waving.)
Note that routers do address translation too. They change the current
link-layer address to be a new one. (Dontcha just luv layers?)
For all of the implied lessons in distinguishing internal routing from exterior
routing, we seem to resist re-applying the lesson to other parts of the
architecture.
I've come to believe that most of the approach to dealing with NATs almost comes
for free if we do locator/identifier properly and provide a useful 'session'
layer (or equivalent function with the app layer.)
d/
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
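The distinction drawn above between a router's per-hop link-layer rewrite and a NAT's stateful translation, as a small constructed Python model. This is an added example, not code from the original post or from anyone in the thread; the class and function names are mine, and every MAC, IP address and port in it is made up for illustration. It shows the point the hand-waving glosses over: the router rewrites addresses without remembering anything, while the NAT must keep a per-flow table and, as a side effect, drops any inbound traffic for which no inside host has created a mapping, which is exactly the inside/outside boundary the post describes.

```python
"""Constructed toy model: stateless link-layer rewriting (router) beside
stateful NAPT (NAT). Illustration only; not a real forwarding engine."""
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Frame:
    """One frame: link-layer addresses plus the IP/transport 5-tuple fields."""
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int


def router_forward(frame: Frame, own_mac: str, next_hop_mac: str) -> Frame:
    """A router 'translates' addresses too: it rewrites the link-layer
    source/destination for the next hop but leaves IP and ports untouched,
    and needs no per-flow memory to do it."""
    return replace(frame, src_mac=own_mac, dst_mac=next_hop_mac)


InsideKey = Tuple[str, int]  # (inside IP, inside port)


class Napt:
    """Port-translating NAT (NAPT). Unlike the router it is stateful: every
    outbound flow is recorded so replies can be mapped back to the inside host."""

    def __init__(self, public_ip: str, first_port: int = 40000) -> None:
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map: Dict[InsideKey, int] = {}  # inside (ip, port) -> public port
        self.in_map: Dict[int, InsideKey] = {}   # public port -> inside (ip, port)

    def outbound(self, frame: Frame) -> Frame:
        """Inside -> outside: allocate (or reuse) a public port and rewrite the source."""
        key = (frame.src_ip, frame.src_port)
        port = self.out_map.get(key)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[port] = key
        return replace(frame, src_ip=self.public_ip, src_port=port)

    def inbound(self, frame: Frame) -> Optional[Frame]:
        """Outside -> inside: only frames matching an existing mapping get through.
        Anything unsolicited has nowhere to go and is dropped (returns None)."""
        key = self.in_map.get(frame.dst_port)
        if key is None:
            return None
        inside_ip, inside_port = key
        return replace(frame, dst_ip=inside_ip, dst_port=inside_port)


def demo() -> dict:
    """Run both devices over constructed traffic and return the observable results."""
    # Two inside hosts that happen to use the same source port (constructed values).
    host_a = Frame("aa:01", "aa:ff", "10.0.0.2", "203.0.113.10", 5000, 80)
    host_b = Frame("aa:02", "aa:ff", "10.0.0.3", "203.0.113.10", 5000, 80)

    hop = router_forward(host_a, own_mac="rr:01", next_hop_mac="bb:01")

    nat = Napt(public_ip="198.51.100.1")
    a_out = nat.outbound(host_a)
    b_out = nat.outbound(host_b)

    # The server's reply to host A, addressed to the NAT's public side.
    reply_a = Frame("bb:01", "rr:01", "203.0.113.10", nat.public_ip, 80, a_out.src_port)
    # An unsolicited probe from outside to a port nobody inside has opened.
    probe = Frame("bb:01", "rr:01", "203.0.113.10", nat.public_ip, 80, 40999)

    return {
        "router_keeps_ip": hop.src_ip == host_a.src_ip and hop.dst_ip == host_a.dst_ip,
        "router_rewrote_mac": (hop.src_mac, hop.dst_mac),
        "nat_public_ports": (a_out.src_port, b_out.src_port),
        "reply_delivered_to": (nat.inbound(reply_a).dst_ip, nat.inbound(reply_a).dst_port),
        "unsolicited_dropped": nat.inbound(probe) is None,
        "nat_state_entries": len(nat.out_map),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The router leaves `nat_state_entries` at zero because it has none to keep; the NAT ends with one table entry per inside flow, and an outside host cannot reach an inside one until that inside host has spoken first. That asymmetry, rather than address rewriting itself, is what makes the NAT a boundary and what a locator/identifier split plus a session layer would have to reproduce deliberately.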
More information about the end2end-interest mailing list