Will this never end...?
If you want to be able to control individual lightbulbs in your house, how
about an IP <-> X10 gateway? X10 (as an example, not because I have any
particular attachment to it) is a useful protocol for controlling devices
(usually with limited "intelligence") within a home; that's what it was
designed for. Do you use SMTP to program your router? Let's use
appropriate protocols at appropriate times and places.
PDA? Why can't I talk to my home machine? I do it all the time (not with a
PDA, but with other devices), even though the machine is inside a NAT
"boundary". Yes, it took a little configuration magic, but nothing as
complex as e.g. RSIP.
Why is this about "controlling the household from the outside"? I thought
this thread was about "big companies controlling large private address
spaces"? Or end-to-end UDP for the latest version of Quake? Or SNMP to
flush my toilet from McMurdo Sound? This thread has wandered over a lot of
territory.
NAT IS A HACK. Is it a useful hack? In some circumstances, yes. I use it,
without a lot of attention on it; my wife uses this computer to browse the
Web and read email, and when I say NAT she reaches for the bug spray. :-)
Does NAT work at the ISP level? Depends on what the ISP is selling. I had
a lot of problems with ISPs who wanted to sell me a "black box" of Internet
connectivity -- I'm a geek, I know what I want, and some of them didn't want
to sell it to me (in large part because their sales reps didn't understand
what I was talking about). Does an AOL user care about his place in the
address space hierarchy? Likely not, nor does he "purchase" a right to
care. Do I care? Yes, and I pay for it, and I get it.
Does NAT work for corporations? Depends on what they are hoping to buy with
it. A NAT client at Foo Corp can attempt to access resources across the
net; if Bar Industries is also using NAT, Bar's NAT must be configured to
direct the incoming requests. But that can work just fine. Multilevel NAT
(i.e. within an organization) is as prone to problems as multilevel
marketing; Just Say No.
Corporations can use firewalling, internal network addressing, and proxies.
Microsoft does this, and I rarely experience a situation in which I cannot
do the "end to end"-ish thing I want to do. (You can't do it from outside,
but that's why it's a firewall.)
NAT IS A HACK. Why is there so much effort going into somehow either
"legitimizing" it, or demonizing it? As I've said before, I use it because
my ISP is greedy and wants a lot of money for more than one IP address; I
think they assume I'm doing something "commercial". (I also pay a premium
for my DSL connection because it's not the base "consumer" speed, and USWest
assumes it's "commercial".) As a side-effect, it creates a level of
security; my "inside" machines are not directly on the Internet, and it
makes it harder for them to be compromised. (Not impossible, but harder,
and there's nothing there that makes it worth it.) That's why I use NAT.
Is NAT right for you? NAT IS A HACK. Does it serve your purposes? If so,
cool, go for it. If you are a vendor to others, does it serve your
customers' purposes? If not, and you are selling them something you can't
and don't provide, then you are a crook and legal process should be invoked
to deal with you.
Does SMTP give you "end to end connectivity" to each email user you address?
No, they can be on completely disjunct machines, with incompatible (or no)
network capabilities. (When you send me email, you are NOT sending it to
the machine where I read it, nor could you get here from there.) There are
certainly some protocols that fail without "real" end-to-end connectivity.
There are many that do not.
It is an invalid assumption that, as a class, devices won't be able to
communicate with your home devices because of a NAT -- in some cases it's
true, in others, false, in others, it requires a little more hacking. NAT
IS A HACK. Maybe a particular circumstance requires a little more hacking,
maybe it requires an ALG, or maybe it requires a redesign of its protocol to
allow for NAT. Question: is what you get, worth the effort? Long term?
NAT IS A HACK. Let's step back and focus on ways to fix the problems that
led people to think of NAT in the first place, rather than trying to
engineer NAT as a long-term solution to those problems. Perhaps NAT will
remain as a solution for a certain, smaller class of problems -- cool. If
NAT isn't solving your problems, DO SOMETHING ELSE. But building a world on
NAT is building a world on a HACK.
PS: my bathroom light is OFF.
-----Original Message-----
From: Keith Moore [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 07, 1999 7:41 PM
To: Tripp Lilley
Cc: Keith Moore; Daniel Senie; Perry E. Metzger; Randy Bush; ietf
Subject: Re: IP network address assignments/allocations information?
> Is this really the "right" model for that sort of interaction? Personally,
> my home network (in which every light bulb *will* be on the 'net within
> the year) is not something I want end-to-end connectivity to.
why not?
seems like if you want your light bulbs to be independently addressable
or pollable (can't wait for the SNMP lightbulb MIB!)
you want the ability to talk to them directly. OTOH, if for the
specific case of light bulbs you want some sort of "light management
system", then maybe you want to talk to that light management system
rather than to the individual light bulbs.
the point is, even though you might want some local resource managers
to mediate the use of light bulbs, whatever, that doesn't
mean that you want to block all outside connectivity to every device
in your home. if you have to have an ALG for everything you want
to control from outside that is going to impose a serious barrier
to the kinds of controllable devices you can have in your home -
because you won't be able to control it unless your NAT supports
the right ALG for each device you want to use.
and it's downright silly to have a wireless PDA (say a palm vii
or a pdq phone) and not be able to use it to talk to your devices
within the home just because your PDA and your home are on opposite
sides of a NAT.