[arin-ppml] Draft Policy 2011-5: Shared Transition Space for IPv4 Address Extension - IAB comment

Jimmy Hess mysidia at gmail.com
Tue Jun 28 20:38:36 EDT 2011


On Tue, Jun 28, 2011 at 9:50 AM, Joel Jaeggli <joelja at bogus.com> wrote:
> On Jun 28, 2011, at 5:50 AM, Jimmy Hess wrote:
>> [snip]
>> What assumptions would those be?
> That a port mapped to the outside of a cpe which does not have an rfc 1918 address will in fact be reachable (example by upnp or nat pmp)

We don't need to address all the issues with NAT and NAT444 over again
in this discussion;  there are multiple RFCs and drafts discussing NAT
and its issues,  let's concentrate on any _additional_ assumptions
that are violated by ARIN allocating a shared address space
that are not violated by the mere use of NAT444.

This is basically an argument against the use of NAT444 ever,  but if
ISPs want to utilize NAT444, this assumption is violated whether a
special shared range is allocated or not;  violation of that
assumption should not be a hurdle against 2011-05 adoption by ARIN.
The choice to deploy NAT444 or not is the choice of the ISPs  in
deciding how they will deal with IPv4 exhaustion,  in the interim,
assuming IPv6 will be deployed.

ISPs can study the impacts to their particular CPE model(s) and choose
to deploy (or not deploy), based on their requirements.
Whether to use NAT444 or not,  and whether to provide a single
dedicated allocation for all the large ISPs that are going to deploy
NAT444  (instead of each large ISP needing to carve out their own
shared range),  is a separate question.


As multiple service providers want to use NAT444,  ARIN should
acknowledge that,  and provide shared resources  _one time_ if it
makes sense to do so, from a standpoint of overall  conservation and
efficient utilization of IPv4 address space.


The benefit to the community is a reduction in the amount of IPv4
resources that can be justified by ISPs utilizing NAT444 on their
networks, and therefore (hopefully) an easing of demand for IPv4
address space after exhaustion.



The "reachable outside IP" is an assumption that is violated by
NAT444, whether the CPE's outside address is in RFC1918 space or not;
this is violated regardless of whether the range used is a range
shared by other providers or not.
In any Large Scale NAT implementation,  this assumption cannot be
preserved and is unsalvageable.

After the CPE's outside address is translated using LSN or  NAP,   the
port will not be reachable from outside the Large Scale NAT device,
even if a globally routable IP address is utilized.


> That an ipv4 unicast address can be used as source or destination for an auto-tunneling mechanism.

Ditto.


---
-JH


