ARIN-PPML Message

[arin-ppml] The non-deployment of IPv6

Lee Howard wrote:

"I'm very skeptical.  Stateless NAT46/64 means a 1:1 mapping of addresses, which doesn't help after IPv4 is unavailable.  Stateful NAT46 isn't even on the table at IETF yet.  Doubtful we'll have a product in time.  No equipment vendors say they'll have one-to- many address family translation by EOY 2011"


Took me all of about 5 minutes on Google to find this. Haven't dug too deeply into it yet, but it seems to address the sort of issues we'd be facing.

http://www.f5.com/products/big-ip/feature-modules/ipv6-gateway.html


 Again demand for these types of services is going to be big on the corporate end... switching over to IPv6 native is just NOT going to be a good option for most. At the very least, it's going to be a VERY expensive option... which means they are going to be willing to spend significantly on some sort of gateway/translation services so they don't have to do so. Are you trying to tell me that vendors are simply going to ignore all that cash waved in thier faces?

I'm sure when the time comes, there will be a plethora of options availble. IETF hasn't done much to address those sort of options because IETF seems to have an allergic reaction to the term NAT.... especialy under IPv6. However an IETF RFC is not a prerequisite for vendors to offer solutions.... that certainly wasn't the case with IPv4 NAT was it?



Lee Howard wrote:

"As an enterprise network operator, do you support a VPN for remote employees?  Once they can't get a global IPv4 address, if they change ISPs they'll either be behind IPv6 or large-scale NAT (i.e., NAT444).  Will your VPN work?"


Yes, and I don't know. However the general way to address that issue would be to look for a VPN solution that could handle that. You don't redo your entire network infrastructure just to address a single problem issue like that.  Again, I don't assume it will be difficult to find a VPN client that can provide connectivity to a IPv6 edge device...once that connectivity is established the remote employee's machine would be getting an IPv4 Private Space Address anyways....the only thing that IPv6 would be needed for would be to establish the tunnel.




Christopher Engel