Keith Moore writes:
> > In trying to formulate an answer to this it occurs
> > to me that there's a better question to ask: if it
> > is inevitable that we need PI space for
> > disconnected networks, then do you concede that we
> > will end up with (a) NAT's and (b) route growth
> > (due to advertizing /48's) for people who decide
> > to get and (ab)use them?
>
> I don't see either of these results as inevitable.
>
> I think that we can make rules that say "no NATs in IPv6" and
> "advertisements of PI prefixes on the public Internet should be
> filtered" and that those rules will have a useful effect. They might not
> entirely prevent either practice, but they may make them rare enough
> that they do not cause huge problems.
Enforced by whom? Heck, forget enforcement.
*Voiced* by whom?
> In the case of NATs, I believe users will be less eager to deploy
> NATs in IPv6 because (a) the absence of NATs in IPv6 allows the Internet
> to support new kinds of applications that will drive deployment and (b)
> IPv6 gives users better ways to solve some problems (renumbering,
> attachment of a home network) whereas in IPv4 NATs were the
> best tools available.
If people really, really want PI space -- which
they manifestly do to isolate themselves from PA
address changes amongst other things -- why does
it not follow that they'd like to make those nice
unroutable PI addresses that we so kindly provide
to not have reach farther than was intended? As
in, why doesn't the experience of RFC 1918
directly apply here? Even if you can get a
globally routable PA provided address, would the
network adminstrators who desire PI even want to
deal with them? Because they're still faced with
the daunting task of renumbering PA addresses if
they use them which was... sort of the reason that
they like PI addresses.
> In the case of advertising PI prefixes, I believe ISPs will understand
> the wisdom of filtering them. They might not start filtering them
> immediately, but if routers get overloaded, the price of advertising a
> PI prefix will increase rapidly.
Sure. Which leads directly to NAT's to get around
the perceived meanness of the ISP.
> Of course, we do need to provide better solutions for scalable routing
> renumbering, and multihoming. We also need a better security
> architecture. My impression is that we are devoting too much energy
> to freaking out, when there are important problems we need to be
> working on.
I dunno, is it "freaking out" when the end result
of this exercise looks like the current IPv4
deployment except for a larger IP header?
> In particular, we need to get ourselves out of the habit of crying "that
> will lead to NAT" or "that will lead to route explosion" and using these
> as excuses to stop investigating a solution path.
Even when there's ample existance proofs that it
will? It's sort of disingenous to claim Chicken
Littlism when the ipv4 sky has already fallen.
Mike
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
