[arin-ppml] The role of NAT in IPv6

Gary T. Giesen ggiesen at akn.ca
Fri Mar 26 19:18:17 EDT 2010

There have to be controls. Obviously the burden to renumber a few
servers and half a dozen workstations is far less than an organization
with 5,000 servers and 50,000 employees, so the bar has to be set
somewhere. I'm just saying it should be set lower than it currently is.

But chances are a company of that size won't know the difference anyways
and will accept whatever their provider hands them.

I'm not saying that developing the appropriate policy will be easy, but
given the alternative (NAT), I vote to try. Not only that, my suggestion
requires the development of exactly *zero* new
protocols/implementations. This gives time for vendors to catch up
without worrying about trying to hit a moving target. We've got the
protocol now, and the mechanisms we need to deploy it. Let's not further
delay adoption because we're clinging onto a bastardized hack which was
designed only to prolong the life of the old protocol and is completely
unnecessary in the new one.

Obviously you've never been on the other end of a call of a customer who
has (mis)configured policy-NAT on their SMB gateway which shoots packets
sourced from different IPs based on the port and what day of the
month it is. IPv6 was actually designed to be simpler than v4. Let's not
change that.

On Fri, 2010-03-26 at 19:00 -0400, Matthew Kaufman wrote:
> Gary T. Giesen wrote:
> > If that's a concern, then get GUA space out of the gate and you'll never
> > renumber again. I believe GUA should be made cheap and relatively easy
> > to get (instead of something using something like ULA and NATing it). 
> >   
> Right, and so this argues for ARIN to make it easy *and cheap* for a 
> newly-formed single-homed company with a half-dozen employees and a few 
> servers to get globally-unique *and* routable IPv6 address space.
> Matthew Kaufman
