[e2e] overlay over TCP
Joe Touch
touch at ISI.EDU
Thu Jan 20 06:59:35 PST 2005
Randall Stewart wrote:
> Joe Touch wrote:
>
>>
>>
>> RJ Atkinson wrote:
>>
>>>
>>> Perhaps one of the paths forward is for folks who propose new
>>> transport-layer protocols to also have an informational document
>>> targeted at folks who build firewalls (or other middle boxes) to help
>>> educate them on what the real risks are (and aren't) with the new
>>> protocol and also to give them help on how to implement support for
>>> that new protocol in their middle box...
>>
>>
>>
>> That presumes, IMO, that NAT designers _want_ to incorporate new
>> protocols.
>
>
> I think not.. its more demand that drives the process IMO or
> as put in a move "show me the money" ...
>
>>
>>> (My assumption here is that the big barrier is confusion/ignorance. :-)
>>
>>
>>
>> For many, as well as many customers, "all new protocols are more
>> dangerous than current ones" - as confused/ignorant as that may be.
>> Nevermind how complicated support for SCTP would need to be
>> (multipath, multistream + NAT rewriting = ?).
>
>
> Nope.. you DON'T need to rewrite NAT to do SCTP.. its a simple
> set of changes..
Let's see. You rewrite your NAT to understand a new protocol number,
where the ports might be, and how to rewrite DATA IN ITS BODY. How do
you accomplish that without "doing SCTP"?
> You just don't get multi-homing with NAT. But
> if you need a NAT chances are you are not too interested in
> multi-homing anyway.
>
> R
Well, tell that to people behind multiple firewall NATs at companies
that would like not to be susceptible to one going down. We have a VPN
that goes through such NATs (using UDP) that supports multihoming and
dynamic routing (which is what dynamic choice of a multihomed path is,
IMO), based on a variant of the X-Bone. But then, you knew I preferred
modular solutions based on existing protocols rather than rolling a
vertical stack...
Joe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://www.postel.org/pipermail/end2end-interest/attachments/20050120/565a93e6/signature.bin
More information about the end2end-interest
mailing list