On Apr 27, 2010, at 10:48 AM, Matthew Kaufman wrote:
Andy Davidson wrote:
On Tue, Apr 20, 2010 at 11:29:59AM -0400, John R. Levine wrote:
Did you use Yahoo IM, AIM, or Skype?
Yes, yes, and yes. Works fine.
What about every other service/protocol that users use today, and might be invented tomorrow ? Do & will they all work with NAT ?
Anyone inventing a new service/protocol that doesn't work with NAT isn't planning on success.
Respectfully, I disagree. There are many possible innovations that are available in a NAT-less world and it is desirable to get to that point rather than hamper future innovation with this obsolete baggage.
Do many others work as well or act reliably through NAT ?
Yes.
In reality, it's more like some yes, some not so much.
Will it stop or hamper the innovation of new services on the internet ?
Hasn't so far.
Here I have to call BS... I know of a number of cases where it has.
The answer to these questions isn't a good one for users, so as the community that are best placed to defend service quality and innovation by preserving the end to end principal, it is our responsibility to defend it to the best of our ability.
Firewalls will always break the end-to-end principle, whether or not addresses are identical between the inside and outside or not.
Yes and no. Firewalls will always break the idea of global universal end-to-end reachability. The do not break the end-to-end principle except when NAT is involved. The end-to-end principle is that the original layer 3+ information arrives at the layer 3 destination un-mangled by intermediate devices when it is a permitted type of traffic. Blocking unwanted flows does not break the end-to-end principle. Maiming and distorting data contained in the datagram, including the headers, on the other hand does break the end-to-end principle.
So get busy - v6 awareness, availability and abundancy are overdue for our end users.
Maybe. Most of them are perfectly happy.
This word Most, it does not mean what you appear to think it means. Owen