[arin-ppml] IPv6 Non-connected networks
Owen DeLong
owen at delong.com
Mon Mar 29 18:39:00 EDT 2010
On Mar 29, 2010, at 11:49 AM, Roger Marquis wrote:
> Owen not-a-security-engineer DeLong wrote:
>> Things actually slowing down residential IPv6 deployment:
>> + Lack of CPE support
>> + Lack of Head-End (PON concentrator, DSLAM, CMTS, etc.) support
>> + Lack of support from the ISP
>
> The same arguments can be made for NAT. NAT stateful translation can be
> added to CPE just as easily as IPv6 support can be added to CPE.
> Upgrading equipment in COs and in colos is no more difficult either.
>
True, but, the average residential customer couldn't care less about NAT.
In fact, most of the residential customers I know long for the ability to choose
their level of accessibility rather than being stuck in a NAT straightjacket.
> Citing the lack of CPE support for Torrent, SIP and other protocols as a
> reason to leave NAT out of IPv6 is specious. The CPE will still need
> stateful translation to provide the same security, and NAT is the
> simplist way to do it.
>
No, it needs stateful inspection, not translation.
Owen
More information about the ARIN-PPML
mailing list