
Re: why market picked up NATs [Re: Writeups on why RFC1918 is bad?]

With the indulgence of the working group perhaps a preface to
the question I posed to Pekka might help here, to understand where I
was coming from:...

Why are NATs so prevalent?

I have this personal hunch that technologists are not natural economists,
and the dynamics of the market leave the technologist mystified.
Why is it that NATs are so popular when you and I know that
they are a rather uncomfortable compromise. Why was QoS
simply not a goer? Why has multicast gone nowhere? And
what's happening with IPv6? I have this feeling that the technology
approach is "well if you liked IP then you _will_ like
everything else we have to offer!" Markets are somewhat different.
Markets were willing to ditch CPM-M in favour of DOS (old analogy,
but if you'd ever tried to make both of them do anything
useful you'd see what I mean about the market making a poor
decision!), willing to ditch the MAC in favour of the IBM PC architecture,
and, in general, markets are just as willing to ignore good technology
as they are likely to pick it up and run with it.

That led on to the question I posed to Pekka about NATs.


At 05:30 PM 18/09/2003 +0300, Pekka Savola wrote:
>As I sent some thoughts on RFC1918 to the IAB, we had a short personal
>discussion with Geoff, and he made a very good question:
>"Why did the market pick up NATs and run so hard with them despite
>  their evident complications and technical compromises?"
>I made a few observations of my own, which I believe are not so technical
>(because I don't think picking NATs has been a very technical decision,
>most of the times.)
>This discussion -- while maybe off-topic, chairs please speak up if so --
>may be relevant when considering whether there is something missing in the
>IPv6 protocol set.
>Pekka Savola                 "You each name yourselves king, yet the
>Netcore Oy                    kingdom bleeds."
>Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>---------- Forwarded message ----------
>Date: Mon, 15 Sep 2003 15:34:34 +0300 (EEST)
>From: Pekka Savola <pekkas@netcore.fi>
>To: Geoff Huston <gih@telstra.net>
>Subject: Re: Writeups on why RFC1918 is bad? (fwd)
>On Mon, 15 Sep 2003, Geoff Huston wrote:
> > At 11:19 AM 15/09/2003 +0300, Pekka Savola wrote:
> > So the question that strikes right at the heart of this is:
> > "Why did the market pick up NATs and run so hard with them despite
> > their evident complications and technical compromises?"
> >
> > And if you can provide some insights into market behaviours in
> > answering the above question then you will gain some valuable
> > insights in answering the related questions listed above.
>(hmm.. perhaps we'd have had this discussion on a larger forum, like the
>ipv6 list or the IAB list.. feel free to forward or whatever if you feel
>the latter would be warranted.)
>I have thought up four reasons for this; I think all of them, especially
>the first two, are pretty obvious, and should not be technology-driven.
>  1) they provide for easy, extensible networking.  When you install a NAT
>box in the network, the user doesn't have to configure static routes or
>anything like that; the NAT box is "transparent" (in a weird sense) to the
>network.  The same argument applies to bridging compared to routing; if we
>wanted to get rid of NAT's e.g. in home or SOHO environments for IPv6, I'm
>pretty certain we'd have to go and specify a bridging architecture
>(remember J. Noel Chiappa's posts on why he thinks he made a mistake by
>advocating routing instead of bridging at the start of 80's).
>  2) NAT's have security properties which are understandable and settable
>even by those who don't have any security expertise.  Just plug it in, and
>bam.. you prevent any incoming traffic except to those nodes which have
>been explicitly configured.  The same would be doable with total-blockage
>access lists as well, but many folks really don't understand this.
>  3) IP address space conservation and ISP business models.  ISPs feel that
>they cannot give enough IP addresses to the users (e.g. home), unless they
>want to spend considerable amount of energy fighting the respective RIR to
>get the address space (e.g., our hostmaster boggled when I proposed he'd
>apply for some /20 or /21 for a thousand or so DSL users).  On the other
>hand, some ISPs do even have a business model of not giving the home users
>anything but one address, to get them to get premium service; I don't know
>the details of such arrangements.  The bottom line is that getting IP
>addresses to those folks that need them (e.g. homes), _easily_, is just
>too difficult, impossible or costs too much.
>  4) the evident complications and technical compromises are not really so
>evident (as in, you don't typically notice or understand them outright,
>and when you do, it's already too late), and your favourite vendor is more
>than happy to code workarounds to these complications (e.g. ALG's) to gain
>you as a customer.
>Do you have any answers of your own to the question you posed?
>Pekka Savola                 "You each name yourselves king, yet the
>Netcore Oy                    kingdom bleeds."
>Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>IETF IPv6 working group mailing list
>Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
