[e2e] 100% NAT - a DoS proof internet
alok
alokdube at hotPOP.com
Mon Feb 20 22:22:32 PST 2006
Any chances that NATs will no longer be stateful?
-----Original Message-----
From: end2end-interest-bounces at postel.org
[mailto:end2end-interest-bounces at postel.org] On Behalf Of Dan Wing
Sent: Tuesday, February 21, 2006 3:54 AM
To: 'Joe Touch'
Cc: 'Jon Crowcroft'; end2end-interest at postel.org
Subject: Re: [e2e] 100% NAT - a DoS proof internet
> Dan Wing wrote:
> > (behind on my email - sorry for the delay.)
> >
> >> -----Original Message-----
> >> From: end2end-interest-bounces at postel.org
> >> [mailto:end2end-interest-bounces at postel.org] On Behalf Of Joe Touch
> >> Sent: Monday, February 13, 2006 8:18 AM
> >> To: Jon Crowcroft
> >> Cc: end2end-interest at postel.org
> >> Subject: Re: [e2e] 100% NAT - a DoS proof internet
> >>> So if we want to talk to a set of known people, we hash their
> >>> identifier (name) to TIME. We then send to each other at
> that agreed
> >>> time - no-one else can send to us or from us to them, and
> >>> the hash key can be a shared secret....
> >> How do you "send to each other"?
> >>
> >> You need to talk to a host behind a NAT. You need to reach
> >> the service
> >> on that host that runs this DHTime protocol. You can have
> >> more than one host behind the NAT. A NAT basically makes
> >> everything
> >> behind it look like one host.
> >>
> >> There are two options:
> >>
> >> a. the host behind the NAT tries to reach the other host first
> >> this works only if the 'other host' is NOT behind
> >> a NAT, so we're out of luck
> >>
> >> b. you 'register' your host somewhere as owning a unique
> >> way to demultiplex packets to it
> >
More information about the end2end-interest
mailing list