Sorry for arriving late at the party.
If people want NAT so badly, let them have it. It will be better to have a
standardized NATv6 than the multiple, non-standard and sometimes downright
bizarre implementations of NAT we have now. Just keep it in a way such as that
the future Internet MUST be a place were NATs are OPTIONAL and not FORCED down
one's throat like they are now.
I also believe that if ULAs hadn't been named ULAs but RFC1918 for IPv6 or
"private IPv6 space" we wouldn't be having much of this conversation. Many,
many people outside these IETF mailing lists just don't grok that ULAs are
little more than that. I also tend to panic a little when people want to
deprecate ULAs. I just don't see the point of doing this, while I keep seeing a
lot of use cases for private space.
I hate NATs with port translation on single public IPs. Things break, many
times inexplicably. People have this rather inexplicable warm feeling that they
are somewhat 'safer' behind NATs. I picture them standing in front of a tornado
with an umbrella in hand and feeling protected.
However, I can live with prefix translation, in fact, I believe it can be just
the tool that small businesses need to save themselves renumbering efforts and
keep some of the warm feeling as well.
Warm regards,
Carlos
On Apr 7, 2012, at 3:00 PM, Yoav Nir wrote:
On Apr 7, 2012, at 8:35 PM, Christian Huitema wrote:
Unlike some others, I'm still not convinced that there is anything
fundamentally wrong with the IPv6 design
although I believe that we could have made it either easier to deploy or
that we could have offered more incentives for deployment.
IPv6 is, fundamentally, IPv4 with bigger addresses.
Not quite. IPv6 has multiple prefixes, link-local addresses, neighbor
discovery. See section 3 of RFC 5739 for a discussion of how things break
when you treat IPv6 as a drop-in replacement.
I am hearing two kinds of critics. On one hand, some regret the lost
opportunity to break from the IPv4 design and do something more radical,
e.g. ID/locator separation. On the other hand there are those who wish that
IPv6 was even more like IPv4, including the use of NAT and other such
practices, so network administrators could keep a familiar setting.
Changing the message from "you don't need NAT anywhere" to "sure, you can use
RFC 4193 ULAs, just don't let us see them on the Internet" would be a big
help.
Small businesses would have one or two networks, so nothing bad happens even
if the router chooses the 40 random bits in a not-so-random fashion. Bigger
businesses with multiple subnets in each site and VPNs between the sites
would need to be more careful, but should have the appropriately-skilled
operators. Just like they do now.
Yoav