[arin-ppml] IPv4 Depletion as an ARIN policy concern

[michael.dillon at bt.com]

> Many people 
> mistake the fact that NAT requires a stateful inspection 
> gateway to function for security being provided by NAT.  The 
> security is not provided by NAT, it is provided by stateful 
> inspection"

Why not redefine IPv6 NAT to be Network Access Taming (or some
other T word) which carries out basic stateful inspection 
functions? Demand that vendors supply this stateful inspection
in all routers and network access gateway boxes with the
default setting of "turned ON".

> NAT 
> allows you to utilize private network addresses for ALL your 
> internal devices.... which makes them unaccessable to 
> external traffic BY DEFAULT...and then allows you to assign 
> public IP's to ONLY those devices which are intended to be 
> externaly accessible. 

IPv6 with ULA allows you to utilise private network addresses
etc., etc...

> 2) NAT allows Network Admins the flexability to organize 
> thier own private address space and the assignment of IP's in 
> ways that logicaly make sense to them.

IPv6 with ULA allows....

> 3) NAT allows you to abstract your internal infrastructure 
> from the external services you present. This has alot of 
> utility. 

IPv6 with ULA allows....

Perhaps every ISP should define a ULA /48 and then reuse that
for every customer's internal addressing. In other words, 
instead of asking every customer to figure out ULA and
allocate their own ULA /48, the ISP would say, "Here, just
use this prefix for all your private addressing and use
this other one for interfaces which need to be publicly
accessible for incoming calls". It wouldn't even matter
if a smart user, reused that ULA for their friends networks
on another ISP, or published it in a magazine article
resulting in thousands of sites thinking that ULA /48
is the IPv6 private address range.

We really need more articles published covering experiences.

--Michael Dillon