ietf

Re: IPv6 NAT?

2008-02-16 06:17:25
On 15 feb 2008, at 23:49, Jonathan Rosenberg wrote:

So how far, exactly, are you prepared to bend over backwards and
crack the spine of the IP architecture to accommodate 0.01% or so
of its users? Not to mention the cost increases for all the extra
protocol layers and debugging that must be borne by the other
99.99%?

It's not for me or you to decide. The issue is, will the people who
operate these networks decide that they want NAT. And then it is for  
IETF to decide about whether they would like to engineer protocols  
that actually work on the networks that those administrators have  
built.

A much better course of action is to agree on what is a reasonable use  
of IP technology first so that everyone can build stuff that works  
together from the start without undue cost or inconvenience, rather  
than having to go through a large number of frustrating iterations  
where new protocols can't be deployed because middleboxes don't let  
them through and middlebox buyers are unhappy with their vendors  
because the middlebox gets in the way of certain stuff.

A big mistake was made in IPv4, where NAT was declared 'evil' and we  
didn't spend enough time defining it well. Now, it is wildly  
successful and a part of what the Internet is, and it is harder to  
deal with it. Had we done standards work up front and early, and
defined exactly how NAT works, things would work much better.

Sure, but still much worse than without NAT. NAT IS evil in the sense  
that it makes life a lot harder, that's not the question. The question  
is whether it's a necessary evil. And that question is moot for IPv4  
now, it's no longer possible to have a NAT-free IPv4 network. But it  
IS possible to have a NAT-free IPv6 network, although the requirement  
to change addresses often as external connectivity changes is deemed  
problematic by some. A NAT that only addresses this issue (i.e.,  
static 1-to-1 address mappings where internal and external addresses  
have the same checksums so it's transparent to all protocols except  
those that do referrals) might not be too evil, but an IPv4-style port  
overloading NAT is even more evil in IPv6 because the workaround code  
isn't there in IPv6, and it's not a necessary evil either, because  
there is an abundance of address space in IPv6.

And now, we face the same dilemma with IPv6. Do we continue to deny  
the possibility of IPv6 NAT? Do we decide NOT to standardize it?  
Have we not learned our lesson from the first time around?

What type of IPv6 NAT would you like to standardize?
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
http://www.ietf.org/mailman/listinfo/ietf
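
The static 1-to-1 mapping with matching checksums that the message describes can be sketched as follows. This is an added example, not part of the original message or of any IETF specification quoted in it. It assumes /48 prefixes and places the compensation in the 16-bit subnet word; the function names and the sample prefixes (a ULA prefix and the 2001:db8::/32 documentation range) are constructed for illustration.

```python
import ipaddress

def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum, the arithmetic behind TCP/UDP checksums."""
    total = 0
    for i in range(0, len(data), 2):
        total += int.from_bytes(data[i:i + 2], "big")
        total = (total & 0xFFFF) + (total >> 16)  # end-around carry
    return total

def translate(addr: str, from_prefix: str, to_prefix: str) -> str:
    """Swap one /48 prefix for another and keep the address checksum unchanged."""
    src = ipaddress.IPv6Network(from_prefix)
    dst = ipaddress.IPv6Network(to_prefix)
    ip = ipaddress.IPv6Address(addr)
    if src.prefixlen != 48 or dst.prefixlen != 48:
        raise ValueError("this sketch only handles /48 prefixes")
    if ip not in src:
        raise ValueError(f"{addr} is not inside {from_prefix}")

    raw = bytearray(ip.packed)
    old_sum = ones_sum(raw[:6])                # sum of the prefix being removed
    raw[:6] = dst.network_address.packed[:6]   # stateless 1-to-1 prefix swap
    new_sum = ones_sum(raw[:6])                # sum of the prefix being installed

    # Compensate in the subnet word: subnet' = subnet + old_sum - new_sum,
    # where subtraction is addition of the bitwise complement.
    neg_new = (~new_sum & 0xFFFF).to_bytes(2, "big")
    subnet = ones_sum(bytes(raw[6:8]) + old_sum.to_bytes(2, "big") + neg_new)
    if subnet == 0xFFFF:
        subnet = 0  # 0xFFFF and 0x0000 both mean zero in one's complement
    raw[6:8] = subnet.to_bytes(2, "big")
    return str(ipaddress.IPv6Address(bytes(raw)))

if __name__ == "__main__":
    inside = "fd01:203:405:1::1234"            # constructed internal host
    outside = translate(inside, "fd01:203:405::/48", "2001:db8:1::/48")
    for label, a in (("internal", inside), ("external", outside)):
        packed = ipaddress.IPv6Address(a).packed
        print(f"{label}: {a}  address sum = {ones_sum(packed):#06x}")
```

Because the address contributes the same value to the pseudo-header sum before and after translation, transport checksums need no rewriting and the translator keeps no per-flow state. Protocols that carry addresses in their payload (the referrals the message mentions) still see a mismatch.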
