[ppml] *Spam?* Re: IPv6 flawed?

Owen DeLong owen at delong.com
Mon Sep 17 16:33:00 EDT 2007


On Sep 17, 2007, at 1:19 PM, Iljitsch van Beijnum wrote:

> On 17-sep-2007, at 22:02, Ted Mittelstaedt wrote:
>
>> I can't say one way or another if IETF has deliberately made choices
>> with IPv6 that make it more difficult to design an IPv6 NAT, simply for
>> the sake of making it more difficult to design an IPv6 NAT.  Since,
>> I'm not tasked with designing an IPv6 NAT and have not researched it.
>> But, from what some people
>> seem to have said in the past, an outsider would certainly draw that
>> conclusion.
>
> Don't know when NAT was invented, but I'm pretty sure even if it
> existed back when IPv6 was designed it wasn't on the radar at all.
>
You're actually wrong about that.  NAT was developed very close
to the time CIDR was developed, prior to RFC-1918, back when
private addressing was initially created using RFC-1597.  The
date on RFC1597 is March, 1994.  RFC1631 addresses NAT
as early as May 1994.  The earliest IPv6 RFC I could find is
RFC 1809, June 1995.

> I don't believe it's harder to do NAT with IPv6 than with IPv4.

That's true.  It's equally broken for either protocol.

> Certainly the people who created PF didn't seem daunted by the
> prospect. But the question is: when you have IPv6 NAT, what are you
> going to do with it? I don't see people bending over backwards to
> make their applications work through IPv6 NAT like they do for IPv4

Let's hope not.

> NAT: if you don't mind NAT, you're better off sticking with IPv4. Or
> use IPv6 with a proxy, that pretty much does the same thing as NAT
> but only cleaner because the applications have to know about it.
> Bonus: you can proxy between IPv4 and IPv6.
>
This is definitely a better approach than NAT, but, still not ideal in
my opinion.

> But I believe it would actually be easier to do the whole NAT/ALG/
> workaround thing with IPv4 because unlike with IPv4, you don't have
> to NAT from a single public address to a bunch of internal addresses,
> but you can do a 1-to-1 mapping between public and internal addresses.

I'll assume that the first IPv4 should be IPv6 in this paragraph.
True, 1:1 NAT is more feasible in IPv6 and that could simplify a
number of the NAT workarounds vs. IPv4 where you are usually
having to deal with PAT to overload a single IP address in the
translation process.

Owen



