[e2e] 100% NAT - a DoS proof internet

Joe Touch touch at ISI.EDU
Wed Feb 22 10:34:27 PST 2006



Andrew Warfield wrote:
>>I'll grant that the DNS sits outside the Internet network architecture
>>the same way that NAT-host registries do. But NAT'd systems are a
>>network structure that won't forward packets unless such a service
>>exists; the Internet doesn't require that.
> 
> By "the Internet" here, you mean "the part of the Internet that
> doesn't sit behind NATs", right?

The "Internet" means, IMO, the part of the network that follows Internet
rules, which mean:

- globally-routable addresses
- hop-by-hop forwarding using local rules

The part behind NATs are serviced by a proxy (the NAT box) with data
communications capabilities, but it's definitely NOT the Internet back
there.

Joe


More information about the end2end-interest mailing list