Re: IPv6 networking: Bad news for small biz

2012-04-08 13:32:52


--On Sunday, April 08, 2012 07:12 +0300 Yoav Nir
<ynir(_at_)checkpoint(_dot_)com> wrote:


On Apr 7, 2012, at 11:43 PM, Randy Bush wrote:

Changing the message from "you don't need NAT anywhere" to
"sure, you can use RFC 4193 ULAs, just don't let us see them
on the Internet" would be a big help.

in ipv4, rfc1918 space was needed because of address
scarcity.  in ipv6, you could use global space inside a nat,
if you need a nat.  we do not need to perpetuate the 1918
mess.

Not having to "buy" address space, or "lease" it from whatever
ISP you're using at a certain point in time is a feature, not
a workaround. RFC 1918 is only a mess if you need to make sure
multiple organizational networks do not overlap. With the
amount of subnets available in ULAs this should not be hard.

But, Yoav, that particular cost is a policy cost, not a
technology one.  First of all, what Randy rather politely calls
the "1918 mess" is actually three separate messes.  One of those
messes was the need to have one public address for a LAN serve
multiple addresses/host/interfaces on that LAN.  That
necessitated the second mess, which was having different
addresses "inside" and "outside".  There are reasons for having
separate addresses "inside" and "outside" even if one has
enough "outside" addresses to map some or all of them
one-to-one.  Neither the scarcity of "outside" addresses nor a
desire for separate "inside" ones requires that the internal
addresses be reused in multiple LANs (1918 addresses aren't
really "private", they are just explicitly reusable), and it is the
notion of reusable addresses that is the third mess.  If "we"
(for some very broad definition that includes the IETF and the
RIRs) permit the business of charging for individual addresses
to persist into the IPv6 world (it would be relatively easy to
describe policy decisions and recommendations to regulators that
would end that particular charging game... of course it might be
replaced by something you'd like less), the first mess would
remain, but there is no inherent reason why reusable addresses
would be required.

As just one example of mess-removal, note that, for an
enterprise or activity that needs at least one external/public
DNS name, the use of global addresses for internal hosts just
means "address that isn't globally routable" while 1918
addresses just about require split-horizon DNS.

    john