
Re: IPv6 NAT?

2008-02-18 15:47:25
Dan,

On 2008-02-19 05:51, Dan York wrote:
Brian,

On Feb 17, 2008, at 10:33 PM, Brian E Carpenter wrote:
On 2008-02-18 14:30, Terry Gray wrote:

Unless/until enterprise (or even home) network operators have some
number of bits of address to call their own, without risk of forced
change or being held hostage to their ISP, you will have NAT for v6
just like for v4.  I think you can take that to the bank.

No, you'll have pressure for PI space, which we already see.
As for how to make PI-addressed sites globally reachable without
a scaling problem for the WAN routing system, see the RRG list,
which is really aimed at that challenge IMHO. There's certainly
no need to rush into NAT for that reason. We don't have an
*imminent* scaling problem in IPv6 WAN routing.

So if I understand you correctly, you believe that:

1. ULAs will give enterprises the addressing autonomy that they seek (as
RFC 1918 addresses do with IPv4)

Correct. That's available today.

; but that
2. Enterprises will NOT need to use NAT to make those ULAs globally
reachable (instead using work going on in RRG).

No. When a client system wants to go outside the corporate network, it
will need to use a second address that belongs to a globally routable
prefix. But there's no reason to care about whether that address
has a particularly long lifetime, so it really doesn't matter
whether it's from PI or PA space or whether it will change
next time you reboot the client.

Obviously, external corporate servers (presumably living in
a DMZ) need stable addresses and if they are using PA space,
they can only multihome by using multiple simultaneous
PA prefixes.

This is running code, and it's not the same as IPv4. The long term
scaling issue is how to support PI multihoming. There's no doubt
there will be corporate demand for that.


Is that correct?

I will admit that I haven't followed the RRG list at all, but I find it
hard to wrap my brain around how precisely this would be done (outside
of servers full of proxies, ALGs, etc.). 

The RRG direction is essentially map-and-encap, but that is a long discussion.

Perhaps I've just spent far
too long in enterprise-land where everything is NAT'd and proxied at the
firewall with IPv4.  Can you point folks like me to some specific work
on this that we can read up on?

I wouldn't presume... try
http://www3.tools.ietf.org/group/irtf/trac/wiki/RoutingResearchGroup

   Brian

Yes, which is why I'm a strong supporter of ULAs. There's no reason
your printers or internal-only servers need globally reachable addresses.


Agreed.

Regards,
Dan
