Iljitsch van Beijnum wrote:

I share the view that, with only the Duplicate Address Discovery protocol as is, this would be very inefficient. Some work would be needed to complement the DAD protocol in order to improve its efficiency for this kind of application. A number of addresses can at least be acquired in advance, to avoid delays when they have to be used, but this would clearly not be good enough. My feeling is that DAD protocol complements are possible such that the extended privacy we talk about would become practicable. But it seems unclear at this stage whether, in order to reach the same privacy and security objective, people will prefer to work on the IPv6 NAT paradigm, or on an Extended Privacy Address paradigm, or on both in parallel. My point here is just to discuss an ALTERNATIVE to IPv6 NATs with those who believe they are unavoidable.

Right. You also don't want to do it for applications that require referrals, such as peer-to-peer. For these applications, addresses to be reached must be published somewhere, e.g. in the DNS. They appear as DESTINATION addresses of newly established connections. They therefore don't conflict with the "one new address for each outgoing connection" rule. (The rule concerns SOURCE addresses, a point which was implicit in what I wrote, but which may be worth making clearer.)

RD
_______________________________________________
Ietf mailing list
[email protected]
http://www.ietf.org/mailman/listinfo/ietf
