[arin-ppml] The role of NAT in IPv6

Gams, Matthew D Matthew.Gams at chartercom.com
Thu Apr 15 13:30:30 EDT 2010



From: Lee Dilkie [mailto:Lee at Dilkie.com]
Sent: Thursday, April 15, 2010 12:26 PM
To: Gams, Matthew D
Cc: Gary Giesen; 'arin-ppml at arin.net'
Subject: Re: [arin-ppml] The role of NAT in IPv6



<http://www.fuelly.com/driver/dilkie/golf>

On 4/15/2010 11:21 AM, Gams, Matthew D wrote:

This assumes that just because you access the Internet you should be globally routable. I know it's too late to debate addressing schemes as IPv6 is already here but just because you have an insanely large address pool doesn't mean every toaster needs to have a globally unique address.



I don't want NAT for security reasons as that is just the wrong model. I and that layer of abstraction between public and private resources. This is the same model used in just about every area you look. In the physical world and city addresses where multiple 5th Streets exist in different cities but you have state, city, zip to make the repeated address unique. This also occurs with computer memory etc. where the virtual address space is given independent of physical RAM and allows you to have more virtual RAM than physical.



As you might be able to tell I would have preferred a different approach than IPv6 altogether where the full IPv4 address space was used for private addressing and edge devices would have prefixes that made them unique based on geographic/country/ISP information. But anyway, I am not convinced that NAT should be abandoned...



And tell me, do you just put "5th street" as your return address on letters or are you aware of your globally unique mailing address?

Because I *think* you do know your globally unique address and that is what you give out to folks whom want to mail things to you. And why should the electronic world be any different. All sorts of communication protocols have a need to "give out" their address so they can be reached at a later time.

-lee









-----Original Message-----

From: Gary Giesen [mailto:ggiesen at akn.ca]

Sent: Thursday, April 15, 2010 9:55 AM

To: Gams, Matthew D; 'arin-ppml at arin.net<mailto:arin-ppml at arin.net>'

Subject: Re: [arin-ppml] The role of NAT in IPv6



On 10-04-15 10:27 AM, "Gams, Matthew D" <Matthew.Gams at chartercom.com><mailto:Matthew.Gams at chartercom.com> wrote:





I don't understand why everyone wants to go IPv6 with global addressing

everywhere. And the solution to renumbering is getting organizations with

their own blocks which will slowly make the routing tables just as ugly as

IPv4????



I would say NAT66 with Site-local "private" addressing on the inside.



On the networks I've ran, I would never want to worry about renumbering just

because of an ISP change and I am not thinking that GUA is the way to go.



Keep the internal network internal and only change your outside numberings

when you need along with static NAT/NAT pools.



Am I missing something???





Yes, NAT is an ugly beast that we wish would disappear...



Since we have abundant globally unique addresses, and no equivalent to

RFC1918 in IPv6, it has reached the end of its usefulness...







-----Original Message-----

From: arin-ppml-bounces at arin.net<mailto:arin-ppml-bounces at arin.net> [mailto:arin-ppml-bounces at arin.net] On Behalf

Of Chris Engel

Sent: Wednesday, March 31, 2010 9:56 AM

To: 'arin-ppml at arin.net<mailto:arin-ppml at arin.net>'

Subject: Re: [arin-ppml] The role of NAT in IPv6



Owen Delong wrote:





Actually, the places that most need to deploy IPv6 at this

point being eye-ball ISPs and the public-facing portions of

content and services providers, I don't think that NAT has

been an actual barrier to adoption in either of those spaces.

The vast majority of people calling for NAT66 are the

enterprise interior, which is, IMHO, the least critical and

least likely group to get on the IPv6 bandwagon quickly

regardless of what is done to appease them.







Well, in addition to being an Enterprise...my company is also an ASP.... which

I believe would qualify as a "content and services provider" under your

definition.



So lets see, if I want to deploy IPv6 currently....



 - Huge transition costs



 - No support for tools I rely on every day to make MY environment work the

way I want it.



 - Out of compliance with current regulatory standards.





Gee Whiz... where do I get to sign up for that?













Christopher Engel



_______________________________________________

PPML

You are receiving this message because you are subscribed to

the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).

Unsubscribe or manage your mailing list subscription at:

http://lists.arin.net/mailman/listinfo/arin-ppml

Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.

_______________________________________________

PPML

You are receiving this message because you are subscribed to

the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).

Unsubscribe or manage your mailing list subscription at:

http://lists.arin.net/mailman/listinfo/arin-ppml

Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.





_______________________________________________

PPML

You are receiving this message because you are subscribed to

the ARIN Public Policy Mailing List (ARIN-PPML at arin.net<mailto:ARIN-PPML at arin.net>).

Unsubscribe or manage your mailing list subscription at:

http://lists.arin.net/mailman/listinfo/arin-ppml

Please contact info at arin.net<mailto:info at arin.net> if you experience any issues.





No, my letters to others have the full address information but my house only has 1234. Not even the street name is on my house. A true hierarchical address scheme would allow this.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20100415/7fd5cb5d/attachment.htm>


More information about the ARIN-PPML mailing list