[arin-ppml] The role of NAT in IPv6
Gary T. Giesen
ggiesen at akn.ca
Thu Apr 15 18:31:51 EDT 2010
Let's see if we can summarize the major reasons people are led to NAT:
1) Address scarcity - This is not an issue with IPv6, in the vast
majority of cases, and the reason NAT/PAT was created in the first place
2) Renumbering pain - Can be solved with relatively cheap,
readily-available GUA. Since every address is globally unique, you no
longer need to do 1:1 address translation. Since people can get their
allocations cheaply, it solves the renumbering pain/being tied to a
service provider. Some might argue this introduces a new cost through
the expansion of the DFZ and numbering of routing slots required, but
I'd argue the economic costs of NAT *far* outweigh this.
3) Regulatory requirements (HIPAA, PCI DSS) - This is a policy obstacle,
not a technical one. Solving this involves no new implementations, just
educating regulators on what the realities of IPv6 are (or should be).
Yes, this one is the biggest obstacle, but not completely out of reach.
Isn't it our job as network operators to help both our customers and the
regulators understand that "IPv6 should work like this?"
If we can resolve all the reasons that lead people to NAT, we all
benefit. Through less complexity, lower deployment and support costs,
and better interoperability. Whether I'm a hardware vendor, ASP, ISP,
anything that touches IPv6 benefits. It shortens the time to market of
new products, and accelerates IPv6 deployment.
I couldn't even fathom what NAT has cost anyone whose product uses IP, but
it's *huge*. Getting rid of it is win-win.
On Thu, 2010-04-15 at 17:59 -0400, Owen DeLong wrote:
> On Apr 15, 2010, at 2:48 PM, Chris Engel wrote:
> > Gary T. Giesen wrote:
> >> As Owen has pointed out many times, the cost of supporting
> >> NAT is rarely borne by the person implementing it. It's borne
> >> by everyone else trying to sell services to the NAT'd customer.
> > So let me get this straight, you're complaining that your customers demand support for X functionality (NAT or fill in whatever blank you want) in the services that you are trying to sell them and then assert how unfair it is that you have to carry the costs of meeting your own (potential) customers' demand?
> I'm not sure what Gary is asserting. However, I suspect his assertion
> is similar to mine...
> I'm asserting that NAT creates the following costs borne by people
> providing services to NON-NATTed customers who have nothing
> whatsoever to do with NAT:
> 1. Additional troubleshooting difficulty/cost (web sites, services,
> network providers, network providers selling to web sites, etc.)
> 2. Additional software complexity (ISVs)
> 3. Decreased security (inability to correlate events/logs)
> 4. Increased legal costs (see 3)
> > Let me introduce you to this concept called a "free market economy".
> Even in a free market economy, you're not supposed to dump toxic
> chemicals in the river upstream from my water treatment plant.