Jeroen Massar wrote:
> What if you want to do VoIP from _multiple_
> computers or even real VoIP phones.
This has never been an issue in the enterprise.
In the typical enterprise VOIP design (if there is such a thing) there's no way
an IP phone could have direct access to the Internet, for the same reasons
there's no way a PC could have direct access to the Internet. PCs use either a
proxy server or a firewall with content filtering, IP phones use an enterprise
registration server that also provides AAA. Link to POTS is provided by a
specialized box (universal access server for big setups or low-end router with
DSP add-ons for smaller ones), as your enterprise voice dude does not want you
to call 1-900-GET-PR0N over IP more than your enterprise data dude wants you to
surf www.whitehouse.com.
In many situations, the VOIP protocol used inside the enterprise is
proprietary: recently I have seen more IP phones using Skinny than all the
other protocols combined.
Do the Skinny phones access the Internet? No. Is it a problem? No. If a Skinny
phone wants to talk to a SIP phone, it uses a gateway. From what I have seen, it
does not appear much more difficult to make a Call Manager server talk to a SIP
server than two SIP servers together.
Even in an IPv6-only world, the IPv4 VOIP system would still work: phones
already have an identifier (the phone number) different from the locator (the
IPvX address); all that would be required would be an IPv4 <-> IPv6 gateway.
> Or something nice as setting up a gameserver behind your NAT.
Newer game protocols work fine over NAT. This is where NAT sucks: game developers
have to write NAT-compatible code. But they do: contrary to IPv6 which is
optional, NAT support has become mandatory. No NAT support no sales. No IPv6
support nobody gives a rip.
Tell me: which game would you be playing?
1. The game that works over IPv4 NAT.
2. The game that works only over IPv4 no-NAT.
3. The game that works only over IPv6.
Answer: 1. Because 2 does not exist (save for the hacked Quake done by our
Viagenie friends) and 3 does not sell because NAT is the standard setup these
days. Have a good frag with yourself with IPv6.
> Nevertheless, most homes currently only consist of
> maybe 3 Ethernet segments
Where does this come from? 99.9% of home/SOHO setups consist of _one_ Ethernet
segment.
Even at home, the VOIP/NAT issue does not strike me. I have two H.323 internal
numbers (had them forever) and two SIP external numbers on a single IP at home
(this has not been working until recently). If your NAT supports SIP and STUN
(they will all do at some point) you don't have a problem.
I'm not defending NAT, but the course of action that says people will have to
use IPv6 because NAT is not working is flawed.
The VOIP issue reminds me of VPN issues in the past: yes there were days when
PPTP would not cross NAT and there were days when IPSEC would not cross NAT.
These days are gone. I currently am on vacation in Mexico; hotels typically
don't have high-speed access, and phone calls are an absolute rip-off not to
mention dog-slow. Fortunately there are cybercafés (cheap, $2/hour, DSL speed)
all over the place. These are small shops that typically have a basic DSL line
(1024/128) and a Linksys/3Com residential-type NAPT box.
Each time I hooked up I got an RFC1918 address behind NAT. Guess what: my VPNs
work, my Skype works and my Skinny client works (kinda, too much jitter).
In 6 months or a year you won't hear the SIP/NAT problem anymore (just like you
don't hear about VPN across NAT issues anymore), which takes care of the
home/SOHO issue. And, as mentioned above, the issue does not really exist in
the enterprise.
The proof is in the pudding: if you read this, it has crossed NAT _at least_
three times already: at the cybercafé in Mexico. At my home connecting my
Outlook in Mexico to the Exchange server in California across the VPN tunnel.
From the Exchange server to your SMTP server egress.
What if I wanted to use IPv6 in Mexico while on vacation? I actually could: I
would have to tunnel it over IPv4 over double NAT.
- What would it buy me? Nothing.
- What would it cost me? Configuration time. Not too bad, but do you realize
how hard it is to configure a network with the laptop on your lap, a hand
holding the piña colada glass (harder than Noel's) and your eyes looking at the
chiquitas on the beach?
- What would it buy the cybercafé owner to have IPv6? Nothing. First, if I
needed IPv6 while traveling I would not rely on availability so I have my own.
Second, his tunneling might be worse than my own (the cybercafé does not run
BGP; I do). Would the cybercafé owner be able to charge me $2 for 30 minutes
instead of $2 per hour? No. Would I choose his cybercafé instead of the one
next door if the sign said "IPv6"? No.
- What would it cost the cybercafé owner to have IPv6? Lots of money,
especially in pesos. First, replace this $50 NAT box with an IPv6-capable
router. Then, get someone to configure it.
Wonder why $2/hour cybercafés in Mexico have IPv4/NAT and not IPv6?
Michel.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf