[e2e] 100% NAT - a DoS proof internet
Saikat Guha
saikat at cs.cornell.edu
Wed Feb 22 09:28:55 PST 2006
On Wed, 2006-02-22 at 08:24 -0800, rick jones wrote:
> On Feb 22, 2006, at 12:32 AM, Saikat Guha wrote:
> > NATs (not counting firewalls) are used to extend the IPv4 address
> > space.
> > The address space for "names" is infinite. Is there a motivation behind
> > designing or deploying name-translation devices?
>
> names (in the DNS or something like it I presume?) may be essentially
> infinite, but are they "free?" IIRC even with IPv4 ISPs were/are
> offering multiple IPs to customers - for a price
I imagine that price stems from the scarcity of IPs in the ISP's address
block. ISPs routinely offer customers multiple free email addresses.
> I also thought that NATs were used to provide some (small) measure of
> anonymity.
Names need not betray organizational topology, nor prevent anonymity.
NATs are a hack to circumvent IP routing without changing endhosts. A
name-based routing would require changing endhosts anyway. It would also
allow implementing these "services" that NATs provide now, at the
endhosts themselves. Clever name-based routing protocols (i3 for
example) can reach the destination without requiring NATs in the middle
for anonymity and topology hiding.
--
Saikat