[arin-ppml] The role of NAT in IPv6

TJ trejrco at gmail.com
Thu Apr 15 11:47:14 EDT 2010


On Thu, Apr 15, 2010 at 11:21, Gams, Matthew D
<Matthew.Gams at chartercom.com>wrote:

> This assumes that just because you access the Internet you should be
> globally routable. I know it's too late to debate addressing schemes as IPv6
> is already here but just because you have an insanely large address pool
> doesn't mean every toaster needs to have a globally unique address.
>

Agreed, it doesn't NEED a GUA.  However, if we live in a world where it had
one, do we gain anything?  I'd argue yes ...
And, absent the address shortage concern - if something could add value, at
no real cost, why not do it.

The conversation over "'But NAT with static rules and FW permits' is the
same as 'GUAs with static FW permits'" is incorrect.
The simplest example - two devices, both listening for the same port and
client SW that will only (readily) talk to that port.
Is that surmountable sans IPv6?  Yes.
But is it easier, more efficient, etc. with IPv6?  Yes.

(Even more-so as certain "deperimeterization efforts progress .. but that is
an entirely separate conversation, for a different mailing list!)

I don't want NAT for security reasons as that is just the wrong model. I and
> that layer of abstraction between public and private resources. This is the
> same model used in just about every area you look. In the physical world and
> city addresses where multiple 5th Streets exist in different cities but you
> have state, city, zip to make the repeated address unique. This also occurs
> with computer memory etc. where the virtual address space is given
> independent of physical RAM and allows you to have more virtual RAM than
> physical.
>
> As you might be able to tell I would have preferred a different approach
> than IPv6 altogether where the full IPv4 address space was used for private
> addressing and edge devices would have prefixes that made them unique based
> on geographic/country/ISP information. But anyway, I am not convinced that
> NAT should be abandoned...


And don't get me wrong - I am not as vehemently Anti-NAT as some ... I just
hope that even if "NAT66" becomes a standard, it does  not become the
standard way to deploy IPv6 :).


Cheers,
/TJ
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20100415/3cc9142f/attachment-0001.html>


More information about the ARIN-PPML mailing list