[arin-ppml] CGN multiplier was: RE: Input on an article by Geoff Huston (potentially/myopically off-topic addendum)
owen at delong.com
Thu Sep 15 07:52:57 EDT 2011
On Sep 15, 2011, at 4:44 AM, Matthew Kaufman wrote:
> On 9/15/11 1:40 PM, Owen DeLong wrote:
>> On Sep 14, 2011, at 11:11 PM, Matthew Kaufman wrote:
>>> On 9/15/11 5:02 AM, Owen DeLong wrote:
>>>>>> Using NAT66 to enable at least one form of provider portability
>>>>>> that is commonly used today in the IPv4 world and that most
>>>>>> people are familiar with is an important step forward. Just
>>>>>> because IPv6 has more addresses, doesn't automatically fix the
>>>>>> provider portability issue.
>>>>> I agree with that statement; namely, easy renumbering still is an
>>>>> oxymoron. But RFC6296 is more than NAT66 and not enough to provide a
>>>>> working multihoming solution.
>>>> But the barrier to getting PI in IPv6 is so low that I really think PI is preferable
>>>> to NAT.
>>> And how low is the barrier to getting your PI space routed by your local telco or cable ISP?
>> Relatively low. In the case of IPv6, even if your direct provider won't route it, you can always
>> advertise it over a free tunnel.
> 1. The odds that the "free tunnel" service you're thinking of will be ready to support high-performance tunnels for every single customer of every single major ISP are low.
Probably true. However, the odds that every single customer of every single major ISP will go to the trouble of getting PI rather than living in a single-homed environment without bothering with NAT either are also low.
We're just talking about the subset of people who care enough about the issue to bother with multihoming or provider portability. That's not even a significant fraction of the set you define above.
I'm pretty sure that the free tunnel services I am thinking of (and there really are more than one of them) will be able to handle the actual load.
> 2. Tunneling is highly suboptimal.
I guess it's a question of which form of suboptimal you prefer... I'd certainly prefer a suboptimal tunnel to the even larger set of suboptimal situations created by using NAT.
> 3. If you're going to tunnel, you don't need any ISP to offer IPv6 services except for yours. Which is actually an interesting idea... a new walled garden consisting of a tunnel endpoint and a bunch of v6-only services on the other side.
I'm not sure I follow you here. I'm talking about using a 6in4 or 6in6 tunnel to reach the IPv6 internet using PI space so that you have effective number portability without having to depend on your immediate provider being willing to route your space directly. Given the relatively low cost of small amounts of colo these days, it's also pretty easy to put your own small routers up to take a BGP default in a colo and advertise your routes to the colo.
>>> My guess is that PI is going to be a great place to get unique space to put on "your" side of your NAT66.
>> I'd much rather tunnel it than NAT it. YMMV.
> I'd much rather have my traffic stay local than send it to wherever your tunnel service is.
I guess that depends on the proximity of the tunnel servers. In my experience, most of the direct routes go through a router right next to the tunnel server that I use whether the packets go through a tunnel or not, so, it's really not so much a different path as a difference in how much of the path involves encapsulated packets.
If your traffic actually stays local, what's the point? I'd rather have my traffic reliably reach the internet.