ietf

RE: FW: Why?

2005-03-11 10:51:05
Ralph Droms wrote:
Would someone with first-hand knowledge of the reasons "several
major corporations publicly indicate that they intend to use NAT
with IPv6" be willing to compare those reasons with the reasons
listed in draft-vandevelde-v6ops-nap-01, and identify any reasons
that might be missing from Gunter's document? Might be useful to
consider extending draft-vandevelde-v6ops-nap-01 to address all
the known reasons for IPv6 NAT.

I'm not into this anymore, but two of the reasons are:

1. Significant numbers of enterprise network operators do not want
multiple addresses per host. It makes everything more complex: access
control, troubleshooting, internal firewalling, documentation, etc. And
during the transition, it also creates a network with two different
models. NATting at the edge instead is not a free lunch, but it is
well-known and maintains a single-model, simpler network. Stateful
firewalls capable of dealing with multi-address hosts that change IP
addresses on the fly will be a significant challenge.


2. Renumbering. There are enough people that have renumbered on a flag
day that will tell you why they won't do it again, and renumbering without a
flag day is a huge amount of work, which is why organizations that had
to renumber moved behind NAT, with a sentence that I heard many times:
"I don't want to go through this <bleep> again".

It is my guess that on networks that deploy IPv6, ULAs will be successful
as the unique host address on the inside, and be NATted if they can't be
routed. IPv6 NAT is easier than IPv4 NAT (no ambiguity); I don't see how
you could prevent its deployment; it won't take long to port v4 NAT
helpers to v6 as soon as there is market demand.

Michel.

