NAT etc. (was: Spam Control Considered Harmful)


> One of the ways to make it and renumbering seamless is to
> understand that IP addresses are subject to change over
> time and topological distance.

Well, yes... <sigh>, but as I've noted before, that's an assumption that
the current design of the Internet does _not_ require.

Quoting RFC2101 ("IPv4 Address Behavior Today") Section 4.2:

      To summarize, since the development and deployment of DHCP and
      PPP, and since it is expected that renumbering is likely to become
      a common event, IP address significance has indeed been changed.
      Spatial uniqueness should be the same, so addresses are still
      effective locators. Temporal uniqueness is no longer assured. It
      may be quite short, possibly shorter than a TCP connection time.


Um, the RFC notwithstanding, there are _acres_ of stacks out there that
keep track of a connection by an {IPaddr, protocol, port} tuple, and
don't expect to have to rewrite any of that during a connection.

Can anyone document a stack that _does_ deal correctly with an IP
address changing during a connection session? Between sessions sure...
but during?

-- jra


I think where at least I run into Sean's well-summarized position is not in
the temporal non-uniqueness, but with the topological non-uniqueness.
Note that temporal non-uniqueness is currently very large granularity
and generally non-survivable. Topologically non-unique addresses appear
to me to compromise a fundamental principle of the Internet, and an
intrinsic component of what makes it valuable.

Can anyone speak to why topological non-uniqueness works and preserves the
value of the system without adding so much additional per packet
complexity as to collapse under its own load at high volumes and rates?

Having to contend with separate "usage spaces" seems to me to be somewhat
like being taken off the power grid - it can be done, and it will work,
but it tends to require devices that are large, complex and service many
people (i.e. private power stations and corporate firewalls).

Eric Carroll
Tekton Internet Associates
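As an added illustration (not from either post), here is a toy model of the per-connection lookup jra describes, keyed on the {IPaddr, protocol, port} tuple. It shows a renumbered peer failing to match mid-session, and two sites sharing a topologically non-unique address colliding unless extra per-packet context is carried. The addresses are RFC 5737/RFC 1918 examples and the "realm" field is a constructed stand-in for that extra context.

```python
# Added example (not from the thread): a minimal model of how a stack finds
# a connection for an incoming segment. It keys connections on the
# {addresses, protocol, ports} tuple exactly as the posts describe, so a
# renumbered peer or an overlapping private address simply fails to match.

class ConnectionTable:
    """Connections are located only by their 5-tuple (plus an optional realm)."""

    def __init__(self, realm_aware=False):
        # realm_aware models the extra per-packet context a stack would need
        # to cope with topologically non-unique (e.g. RFC 1918) addresses.
        self.realm_aware = realm_aware
        self._conns = {}

    def _key(self, proto, local_ip, local_port, remote_ip, remote_port, realm):
        key = (proto, local_ip, local_port, remote_ip, remote_port)
        return key + (realm,) if self.realm_aware else key

    def open(self, proto, local_ip, local_port, remote_ip, remote_port,
             state="ESTABLISHED", realm=None):
        self._conns[self._key(proto, local_ip, local_port,
                              remote_ip, remote_port, realm)] = state

    def demux(self, proto, dst_ip, dst_port, src_ip, src_port, realm=None):
        """State of the matching connection, or None (a real stack drops/RSTs)."""
        return self._conns.get(self._key(proto, dst_ip, dst_port,
                                         src_ip, src_port, realm))

    def __len__(self):
        return len(self._conns)


def renumber_mid_connection():
    """Peer's address changes during a session: the same flow no longer matches."""
    t = ConnectionTable()
    t.open("tcp", "192.0.2.10", 80, "198.51.100.7", 40001)
    before = t.demux("tcp", "192.0.2.10", 80, "198.51.100.7", 40001)
    # Constructed renumbering event: peer keeps its port but gets a new address.
    after = t.demux("tcp", "192.0.2.10", 80, "198.51.100.99", 40001)
    return before, after  # -> ("ESTABLISHED", None)


def overlapping_private_addresses(realm_aware):
    """Two sites both use 10.0.0.5/port 5000; only extra per-packet context separates them."""
    t = ConnectionTable(realm_aware=realm_aware)
    t.open("tcp", "192.0.2.10", 80, "10.0.0.5", 5000, state="site-A", realm="A")
    t.open("tcp", "192.0.2.10", 80, "10.0.0.5", 5000, state="site-B", realm="B")
    # Without realms the second open silently replaced the first.
    return len(t), t.demux("tcp", "192.0.2.10", 80, "10.0.0.5", 5000, realm="A")
```

Without the realm the table holds one entry and site A's traffic is answered from site B's state; with it, every packet must carry and be matched on that extra field, which is the per-packet cost Eric asks about.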