[ipv6hackers] the end is near (or for IPv6: the beginning)

James Small jim.small at mail.com
Wed Jan 29 01:18:07 CET 2014 

> I'd kindly like to challenge the following statement, if only the "many"
in it:
> 
> > NAT Challenges:
> > * Many applications use embedded addresses which is broken by NAT
> 
> I'd like to learn which application are these (still).  At a quick glance
only the
> following ones come to my mind:
> * active FTP
> * SIP?
> * XMPP?
> * selected proprietary ones
> Don't seem to be 'many' so far ...

See RFC 3027.  Also, unfortunately it is not uncommon for home grown apps to
embed address literals because many programmers disdain DNS as they don't
control it.


> Further to that, I am curious, which applications are currently limited
and
> harmed by
> 
> > * Restricts inbound connections (obviously with many limitations)

Gaming and generically any kind of unified communications (VoIP, Video
Conferencing, etc.) are greatly complicated by NAT.  Using ALGs, ICE, and
STUN add a great deal of complexity and often limitations.  Rather than
being easy to setup these kinds of apps (gaming/UC) it can require expensive
consultations.


> or, asked vice versa, which ones would benefit most from direct end-to-end
> connectivity (where allowed)?

Gaming, UC, and any type of collaboration software that involves multiple
parties directly interacting.  Allowing direct communication allows
developers to concentrate on making great apps and not on troubleshooting
strange NAT issues and maintaining complex infrastructures to supports
things like ICE/STUN/Relays.

 
> I can think of direct E2E/P2P in the form of audio(SIP/RTP), video, data
(think
> e.g. torrents) transmission, but which one(s) would benefit/grow the most?

The general problem with NAT is it makes developing and deploying
applications more difficult.  I'm not saying you should never use it.  I am
saying  you should carefully consider what complexity you're adding and what
features you're potentially giving up by choosing to deploy it.  In my
experience this is seldom done.  However if you look at operational overhead
there is a substantial and measurable cost to deploying NAT.  You have to
decide if your situation justifies it.

--Jim

More information about the Ipv6hackers mailing list