ietf

renumbering (was: Re: IPv6: Past mistakes repeated?)

2000-04-25 15:50:02
 
 > Wasn't one of the design goals of IPv6 to make renumbering easier,
 > so that people could move from small assignments to large ones?
 
 Yes.  IPv6's primary tool in this regard is that it supports multiple
 addresses simultaneously. To renumber, you add a new address to each
 ..... snip snip .....
 address, you simply stop using the old address. There are mechanisms
 in IPv6 that make this approach straightforward (i.e., specifying when
 

I have a hard time believing that your average IP net manager
wouldn't prefer to run an IPv6-IPv6 NAT box (let's call this
NATv6) at her ISP boundary rather than do site-wide renumbering.
My reasoning goes as follows:

First, while I am willing to grant you the term "straightforward"
to describe site-wide renumbering (it is, for instance, easier
than running a dynamic routing protocol), I would not grant the
term "trivial", and I would say there is some risk and effort
(to minimize the risk) involved. 

For instance, draft-ietf-ipnlwg-router-renum-10.txt says:
"Because of the power of the Router Renumbering mechanism, each RR
message includes a sequence number to guard against replays, and is
required to be authenticated and integrity-checked." Sounds risky
to me.

To minimize the risk, the IP net manager would go through significant
effort, first thoroughly testing everything to see that it works as
it is supposed to, then planning the renumbering, then doing the first
phase (adding the new prefix to routers before updating any hosts),
then doing a lot of testing of that, then bit by bit updating hosts,
testing each time, then somehow making sure that every host (or at
least every important host) has been properly updated and the new prefix
is fully in use, and then finally removing the old prefix (and you can
bet her heart will skip a beat when the window reading "Are you sure
you want to delete this prefix" comes up).

This is all doable, but isn't something a net manager is going to
take on lightly.


Now consider the NATv6 alternative.  The average net admin is already
comfortable with NAT at the ISP boundary (hell, some even like it).
She will already be running NAT, if for no other reason than to deal
with IPv4-IPv6 transition.  NATv6 is much less onerous than NATv4,
because the address mapping is one to one (and in fact is probably
a simple prefix rewriting, not a large table lookup), not many to
one like with IPv4.  What's more, NATv6 will give you some rudimentary
form of multihoming (can advertise different prefixes at different
ISPs)!

It seems to me that the decision to just use NATv6 rather than
do a site-wide renumber will be a very easy decision to make.

PF
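
The one-to-one prefix rewriting described in the message above, sketched as an added example that is not part of the original post. The prefixes are constructed from the 2001:db8::/32 documentation range and the function names are hypothetical; this is plain prefix substitution and does nothing about transport checksums.

```python
import ipaddress

# Constructed sample prefixes (documentation range), not taken from the post.
INSIDE = ipaddress.ip_network("2001:db8:aaaa::/48")
ISP_PREFIXES = {
    "isp_a": ipaddress.ip_network("2001:db8:1111::/48"),
    "isp_b": ipaddress.ip_network("2001:db8:2222::/48"),
}


def rewrite_prefix(addr, src_net, dst_net):
    """Swap the leading prefix bits of addr from src_net to dst_net.

    Stateless and one-to-one: the host bits are copied unchanged, so no
    per-flow table is needed and the mapping can be inverted exactly.
    """
    addr = ipaddress.ip_address(addr)
    if src_net.version != 6 or dst_net.version != 6 or addr.version != 6:
        raise ValueError("IPv6 only")
    if src_net.prefixlen != dst_net.prefixlen:
        raise ValueError("prefix lengths must match for a one-to-one mapping")
    if addr not in src_net:
        raise ValueError(f"{addr} is not inside {src_net}")
    host_bits = int(addr) & int(src_net.hostmask)
    return ipaddress.IPv6Address(int(dst_net.network_address) | host_bits)


def outbound(src, isp):
    """Rewrite an inside source address as it leaves toward the given ISP."""
    return rewrite_prefix(src, INSIDE, ISP_PREFIXES[isp])


def inbound(dst, isp):
    """Rewrite an outside destination address back to the inside prefix."""
    return rewrite_prefix(dst, ISP_PREFIXES[isp], INSIDE)


if __name__ == "__main__":
    host = "2001:db8:aaaa:12::53"  # constructed inside host address
    for isp in ISP_PREFIXES:
        ext = outbound(host, isp)
        print(isp, host, "->", ext, "->", inbound(ext, isp))
```

The same inside host appears under a different prefix at each ISP, and each mapping inverts exactly without any connection state.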