Re: draft-ietf-ipv6-ula-central-02.txt and NAT

Tue, 03 Jul 2007 12:25:19 -0700 

Thus spake "Scott Leibrand" <[EMAIL PROTECTED]>

I think what we wanted to get rid of in IPv6 was one-to-many
NAT, also know as PAT (among other names).  In IPv6, we
can stick to one-to-one NAT, which eliminates most of the
nastiness we associate with NAT in today's IPv4 world.



The only legitimate reason to bother with 1:1 NAT is because one can't get 
PI space.  Solution: make PI space available.  Oh, wait, we already did 
that...



However, there are other reasons people use NAT today, mainly because they 
confuse NAT with a stateful firewall.  Such people will continue to use NAT 
(or PAT) even if they have PI or ULA(-C) space on the "inside".



I agree that PI space, if it were widely available, would meet the
same needs as ULA-C.  However, I think we need to be realistic
that PI-for-everyone won't fly, and need to think creatively about
ways to achieve the same goals (such as provider
independence) in such a way that we don't impose more public
cost than private benefit.


If the use is truly private, then there is no public cost.


When it was last proposed there was: it was thought that
networks would get ULA-C and use it as PI space.  Now,
since PI space is readily available to multihomed networks,
that is much less likely.  As a result, I am in favor of allowing
small networks to register their own unique private space,
as this draft would do.



The thing is, if the network is "small", i.e. too small to qualify for PI 
space, then RFC 4193 is more than sufficient.



The only reasonable use cases I've heard for ULA-C are for orgs so big and 
with so many interconnections that ULA is not sufficient; those orgs can get 
PI without any challenges today, which means ULA-C offers nothing new.


I fail to see the "innovation" here.

S

Stephen Sprunk      "Those people who think they know everything
CCIE #3723         are a great annoyance to those of us who do."

K5SSS                                             --Isaac Asimov 




--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------


























					Reply via email to