On 26-Jan-22 08:30, Geoff Huston wrote:
...
> Tom,
> I think you may have missed my initial characterisation of IP addresses
> in your response: "we treat addresses as no more than temporary ephemeral
> _session_ tokens" i.e. the NAT model relies on session level stability of
> the NAT association.

Right. And it's well understood that users don't care about addresses (unless
circumstances force them to, such as instructions to browse to 10.1.1.1 to set
up their new home gateway). I don't think much has changed since my rant 8
years ago (https://dl.acm.org/doi/10.1145/2602204.2602215).
It increasingly seems to me that what we lack is some kind of transaction
identifier that can survive both changes of address and transport layer failures. Possibly this is what OSI called the session layer.

> My comment about QUIC is that the QUIC protocol does not even require that
> session-level stability of address association, and QUIC sessions essentially
> require stability of association only on a time basis approaching the RTT
> interval.
>
> If you wish to construe various judgemental observations (like "NAT is evil",
> "NATs break stuff", etc.) feel free, but they are your constructions, not mine. The
> issue for me is not judgments of “good” or “bad”, but simply to explore, without
> overtones of judgement, exactly what an IP address represents in today’s Internet.

I just reread RFC2101. I wouldn't change a word, especially this:
"Thus, IPv6 will amplify the existing
problem of finding stable identifiers to be used for end-to-end
security and for session bindings such as TCP state.
The IAB feels that this is unfortunate, and that the transition to
IPv6 would be an ideal occasion to provide upper layer end-to-end
protocols with temporally unique identifiers. The exact nature of
these identifiers requires further study."
Here we are.
Regards
Brian
_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area