[e2e] 100% NAT - a DoS proof internet
Joe Touch
touch at ISI.EDU
Wed Feb 22 10:34:27 PST 2006
Andrew Warfield wrote:
>>I'll grant that the DNS sits outside the Internet network architecture
>>the same way that NAT-host registries do. But NAT'd systems are a
>>network structure that won't forward packets unless such a service
>>exists; the Internet doesn't require that.
>
> By "the Internet" here, you mean "the part of the Internet that
> doesn't sit behind NATs", right?
The "Internet" means, IMO, the part of the network that follows Internet
rules, which mean:
- globally-routable addresses
- hop-by-hop forwarding using local rules
The part behind NATs are serviced by a proxy (the NAT box) with data
communications capabilities, but it's definitely NOT the Internet back
there.
Joe
More information about the end2end-interest
mailing list