[arin-ppml] 464: was (Re: IPv6 adoption, map-encap for IPv4?)
Robin Whittle
rw at firstpr.com.au
Fri Jun 13 11:49:19 EDT 2008
Hi Alain,
I read your Internet Draft a couple of weeks ago:
http://tools.ietf.org/html/draft-durand-v6ops-natv4v6v4-01
but couldn't easily find your presentations. Please let me know
where they are.
I assume 464 involves multiple customers sharing a remote NAT box
with a single public IPv4 address. I understand the primary
motivation here is to eliminate the current requirement that each
customer's DSL or DOCSIS service have its own public IPv4 address.
Does each user PC get a link to the remote NAT box, meaning each PC
experiences a single layer of NAT to the IPv4 Internet?
Or does the home modem operate as a NAT box in some way for IPv4,
and that NAT box gets a link through 464 to another remote NAT box
which actually has a public IPv4 address?
I understand uPnP Internet Gateway Device (IGD) is implemented in
many DSL modems and used by applications now to get a hole through
their DSL (DOCSIS too?) modem's NAT - so the application has direct
access to a UDP/TCP port in that modem's single public IPv4 address.
That means ordinary users, with little or no effort or awareness,
can run servers, receive incoming communications etc. when an
application needs to. Dynamic DNS enables these servers etc. to be
reachable via stable FQDNs.
If 464 presents the PC with a single layer of NAT, maybe it could do
uPnP IGD too. But if 464 is double NAT, I guess this wouldn't work.
Either way, by trying to squeeze multiple customers onto a single
IPv4 address (or into fewer IPv4 addresses than customers), even if
uPnP works, there will be clashes when two customers on the same NAT
box want the same port. That is OK when the NAT box is at home,
used by the one customer. A family or office can fight it out
amongst themselves who gets each port. But it does not seem to me
like a workable solution for customers who expect (even without
knowing what it is) for uPnP to work as it does on today's ordinary
IPv4 services.
As far as I know, with 464, each customer would have to take their
chances with what other customers are doing with uPnP IGD capacity
of the one NAT box they share. I guess the NAT box could have more
than one IPv4 address - but then this is getting messy, trying to
guess how many of the customers of that box want the same port.
Does the customer run their own private IPv4 network? I assume
their network isn't shared with other customers.
Thanks for this:
> I clearly say that an IPv6-only service to broadband customers is
> a non starter today.
Some folks are citing Comcast leading the way as evidence that
IPv6-only services will soon by practical . . . widespread . . . and
perhaps ubiquitous much sooner than people like me expect.
> Think of IPv6 as a wonderful end to end L2 taking our packets to
> the nearest IPv4-IPv4 NAT box ;-)
OK.
> IMHO, 464 is a technology that makes IPv6 backward compatible with
> IPv4.
I disagree entirely. As far as most end-user traffic is concerned,
all I think you are doing with 464 is using IPv6 as a "wonderful end
to end L2 taking packets to the nearest IPv4-IPv4 NAT box"!
I can't imagine ubiquitous IPv6-only services - without relying
primarily on IPv4 as you are with 464 - being viable until:
1 - Most websites, IM servers, game servers etc. are available via
IPv6.
2 - Most Operating systems, applications work fine with IPv6 only,
or dual stack.
where "Most" means something like 95%, 99% or 99.9%. This is a
stupendous global chicken and egg problem. Even dual stack IPv6
adoption is minute and glacial, but these two interdependent
conditions require applications and operating systems which can
survive fine without IPv4 at all. There's no real reason for 1 to
occur until 2 occurs - no reason for 2 unless 1 eventuates. Until
then all applications and services will have to support IPv4, which
means having IPv6 doesn't really provide any substantial added value
for end-users.
An IPv6 service can provide each end-user with a stable patch of
public IPv6 address space they could use for servers etc. However,
I understand that end-users can already use uPnP IGD for that.
IPv6 proponents have great hopes that the IPv4 address depletion
problem will cause many ISPs and end-users to have no option but to
jump ship. However, as you implicitly acknowledge, we are a long
way from there being a situation where the great majority of
end-users can be happy, without excessive support calls, with an
IPv6-only service: not nearly enough applications nor services run
with IPv6 yet.
I believe there is great scope for using IPv4 space more efficiently
than at present, especially by using a map-encap scheme - but that
view is not shared by many people today.
I doubt that ISPs using IPv6 access networks as a link between
customers' PCs and an IPv4 NAT box would advance genuine IPv6
adoption much, or the development of IPv6 capable applications and
servers.
- Robin http://www.firstpr.com.au/ip/ivip/
More information about the ARIN-PPML
mailing list