[ppml] *Spam?* Re: IPv6 flawed?
owen at delong.com
Mon Sep 17 16:33:00 EDT 2007
On Sep 17, 2007, at 1:19 PM, Iljitsch van Beijnum wrote:
> On 17-sep-2007, at 22:02, Ted Mittelstaedt wrote:
>> I can't say one way or another if IETF has deliberately made choices
>> with IPv6 that make it more difficult to design an IPv6 NAT, simply
>> the sake of making it more difficult to design an IPv6 NAT. Since,
>> I'm not tasked with designing an IPv6 NAT and have not researched it.
>> But, from what some people
>> seem to have said in the past, an outsider would certainly draw that
> Don't know when NAT was invented, but I'm pretty sure even if it
> existed back when IPv6 was designed it wasn't on the radar at all.
You're actually wrong about that. NAT was developed very close
to the time CIDR was developed, prior to RFC-1918, back when
private addressing was initially created using RFC-1597. The
date on RFC1597 is March, 1994. RFC1631 addresses NAT
as early as May 1994. The earliest IPv6 RFC I could find is
RFC 1809, June 1995.
> I don't believe it's harder to do NAT with IPv6 than with IPv4.
That's true. It's equally broken for either protocol.
> Certainly the people who created PF didn't seem daunted by the
> prospect. But the question is: when you have IPv6 NAT, what are you
> going to do with it? I don't see people bending over backwards to
> make their applications work through IPv6 NAT like they do for IPv4
Let's hope not.
> NAT: if you don't mind NAT, you're better off sticking with IPv4. Or
> use IPv6 with a proxy, that pretty much does the same thing as NAT
> but only cleaner because the applications have to know about it.
> Bonus: you can proxy between IPv4 and IPv6.
This is definitely a better approach than NAT, but, still not ideal in
> But I believe it would actually be easier to do the whole NAT/ALG/
> workaround thing with IPv4 because unlike with IPv4, you don't have
> to NAT from a single public address to a bunch of internal addresses,
> but you can do a 1-to-1 mapping between public and internal addresses.
I'll assume that the first IPv4 should be IPv6 in this paragraph.
Ture, 1:1 NAT is more feasible in IPv6 and that could simplify a
number of the NAT workarounds vs. IPv4 where you are usually
having to deal with PAT to overload a single IP address in the
More information about the ARIN-PPML