[arin-ppml] The role of NAT in IPv6

Gams, Matthew D Matthew.Gams at chartercom.com
Thu Apr 15 11:21:50 EDT 2010


This assumes that just because you access the Internet you should be globally routable. I know it's too late to debate addressing schemes as IPv6 is already here but just because you have an insanely large address pool doesn't mean every toaster needs to have a globally unique address.

I don't want NAT for security reasons as that is just the wrong model. I and that layer of abstraction between public and private resources. This is the same model used in just about every area you look. In the physical world and city addresses where multiple 5th Streets exist in different cities but you have state, city, zip to make the repeated address unique. This also occurs with computer memory etc. where the virtual address space is given independent of physical RAM and allows you to have more virtual RAM than physical.

As you might be able to tell I would have preferred a different approach than IPv6 altogether where the full IPv4 address space was used for private addressing and edge devices would have prefixes that made them unique based on geographic/country/ISP information. But anyway, I am not convinced that NAT should be abandoned...



-----Original Message-----
From: Gary Giesen [mailto:ggiesen at akn.ca] 
Sent: Thursday, April 15, 2010 9:55 AM
To: Gams, Matthew D; 'arin-ppml at arin.net'
Subject: Re: [arin-ppml] The role of NAT in IPv6

On 10-04-15 10:27 AM, "Gams, Matthew D" <Matthew.Gams at chartercom.com> wrote:

> I don't understand why everyone wants to go IPv6 with global addressing
> everywhere. And the solution to renumbering is getting organizations with
> their own blocks which will slowly make the routing tables just as ugly as
> IPv4????
> 
> I would say NAT66 with Site-local "private" addressing on the inside.
> 
> On the networks I've ran, I would never want to worry about renumbering just
> because of an ISP change and I am not thinking that GUA is the way to go.
> 
> Keep the internal network internal and only change your outside numberings
> when you need along with static NAT/NAT pools.
> 
> Am I missing something???

Yes, NAT is an ugly beast that we wish would disappear...

Since we have abundant globally unique addresses, and no equivalent to
RFC1918 in IPv6, it has reached the end of its usefulness...
> 
> 
> -----Original Message-----
> From: arin-ppml-bounces at arin.net [mailto:arin-ppml-bounces at arin.net] On Behalf
> Of Chris Engel
> Sent: Wednesday, March 31, 2010 9:56 AM
> To: 'arin-ppml at arin.net'
> Subject: Re: [arin-ppml] The role of NAT in IPv6
> 
> Owen Delong wrote:
> 
>> Actually, the places that most need to deploy IPv6 at this
>> point being eye-ball ISPs and the public-facing portions of
>> content and services providers, I don't think that NAT has
>> been an actual barrier to adoption in either of those spaces.
>> The vast majority of people calling for NAT66 are the
>> enterprise interior, which is, IMHO, the least critical and
>> least likely group to get on the IPv6 bandwagon quickly
>> regardless of what is done to appease them.
> 
> 
> Well, in addition to being an Enterprise...my company is also an ASP.... which
> I believe would qualify as a "content and services provider" under your
> definition.
> 
> So lets see, if I want to deploy IPv6 currently....
> 
>  - Huge transition costs
> 
>  - No support for tools I rely on every day to make MY environment work the
> way I want it.
> 
>  - Out of compliance with current regulatory standards.
> 
> 
> Gee Whiz... where do I get to sign up for that?
> 
> 
> 
> 
> 
> 
> Christopher Engel
> 
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.
> _______________________________________________
> PPML
> You are receiving this message because you are subscribed to
> the ARIN Public Policy Mailing List (ARIN-PPML at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-ppml
> Please contact info at arin.net if you experience any issues.




More information about the ARIN-PPML mailing list