It can certainly be used. The references are only carried up to the
gateway where they're used to produce local IP addresses. The devices
inside the private net would not see the references. IPREF allows
substantial customization of the local network protocol. It allows to
run whatever protocol one wants, with address compression or not, or
even some special protocol designed specifically for IoT.
I am not sure why you think IPREF would reduce privacy vs NAT. Both
rewrite addresses so I would think both offer the same level of privacy.
If anything I would say IPREF offers more privacy. Maybe an example
would help me understand the issues in this area. In a typical
configuration, there would be a NAT router facing the Internet anyway
(not required but likely). The IPREF gateway could be a part of the NAT
router or it can be on another gateway 'behind NAT'. That way it should
be at least as good as NAT.
On 2/16/23 00:19, Luigi IANNONE wrote:
Hi,
I was wondering if it make sense to use it in an IoT deployment.
In that context IP addresses are often compressed, so instead of compression
small sized references can be used.
On the flip side, and in the general case, references reduce privacy w.r.t.
other technologies like e.g. NAT.
This should be discussed in the document.
Ciao
L.
-----Original Message-----
From: Int-area <int-area-boun...@ietf.org> On Behalf Of Evan Pratten
Sent: Wednesday, 15 February 2023 20:04
To: waldemar <walde...@wdmsys.com>
Cc: int-area@ietf.org
Subject: Re: [Int-area] New -00 draft: draft-augustyn-intarea-ipref-00
Ya, I guess using non-ip-addresses for the refs is a good idea for networks
that involve non IP-based hops.
Would it be possible to have a router do reference pass-through? I'm
thinking of a kind of double-NAT situation where I might want router 1 to
delegate the routing of refs to router 2.
WAN <--> R1 <--> R2 <--> Clients
On Tue, Feb 14, 2023 at 10:08 PM waldemar <walde...@wdmsys.com>
wrote:
I was not thinking of chaining, this sounds like source routing, I am
not sure. Cascading is certainly possible. The destination may rewrite
one IPREF address into another IPREF address. This could be done
multiple times.
I wanted to avoid any sort of negotiations, any kind of time
dependency, and I was trying to minimize amount of information shared
between peers.
The peers don't trust each other that much except to agree to
communicate. Using real addresses leads to negotiations and requires
knowledge of peers address spaces and protocols, so that was not a
good option. I was thinking of peer networks (multiplayer games, NAT
traversal), high delay networks (space networks), and highly secure
networks (financial, military). I thought avoiding negotiations would
be the key. I was also convinced we'll be dealing with more than one
network protocol for a while, hence no dependency on a single protocol.
IPREF might speed up unification, especially IPv6 in the Internet, but
it could also make it easier to develop specialized network protocols.
Maybe for high delay networks, maybe for highly secure networks, or
maybe for simplified networks.
On 2/14/23 12:25, Evan Pratten wrote:
I find this very interesting.
Would it be possible to chain references? for example
10.0.0.1+700+800? I can't think of a use case for this, but I'm sure
it would cross someone's mind to try.
The way I see this, IPREF is essentially encoding some or all of the
route to the final host in the address. Why not use real IPs all the
way down? For example: 10.0.0.1+10.0.0.4. This wouldn't require any
translation of reference numbers. Although, would make things less
dynamic.
---
Evan Pratten (VA3ZZA)
https://ewpratten.com
On Tue, Feb 14, 2023 at 11:10 AM waldemar <walde...@wdmsys.com>
wrote:
Hello,
I have submitted a new -00 draft,
https://datatracker.ietf.org/doc/draft-augustyn-intarea-ipref/. I
am new to this, although I worked on an RFC some 15 years ago. I
have contacted ADs for the area who advised me to seek feedback on
this list. Please, provide your thoughts. I will be also submitting
proper declarations in compliance with BCP 79. I need more time for
this.
Thank you
Waldemar Augustyn
_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area
_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area
_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area
