James, I believe what I asserted was the following....
"The factual thing that can be said about NAT is that it obscures the literal IP address assigned to an end device from a source on the other side of the NAT boundary. For some that is a desired effect for others it's an undesirable problem....... ...... You are not going to achieve that level of "obscurity" without some form of address translation....and any solution that you do provide to achieve that obscurity will have much of the same side effects that todays NAT does." As far as I'm concerned, that assertion continues to stand in the face of RISP. Under RISP (unless I understand it wrong) the PA address IS actualy bound on the end device itself and IS exposed to external sources... it's just that the duration of that assignment is limited. Furthermore, in order to be practicaly useful, RISP must have some sort of out-of-band registry that largely obviates much of the obscurity it might otherwise provide. Finally, to the degree that it does provide a level of obscurity....it does cause many of the same sort of side effects that NAT does. On a more fundemental level, the goals of "transparency" and "end-to-end reachabilty" that seem to be part of the guideing principles that the designers of IPv6 built into thier work is anthetical to the goals of many of the people actualy using the internet. Many people don't want thier networks to be perfectly "transparent"...they want them to be quite opaque in fact....and they don't want thier end devices (in general) to be perfectly reachable. Unless that diversity of goals is recognized and accounted for... IPv6 is destined to remain the "New Coke" of it's generation. Christopher Engel > -----Original Message----- > From: james woodyatt [mailto:[email protected]] > Sent: Friday, April 30, 2010 7:43 PM > To: Chris Engel > Cc: NAT66 HappyFunBall > Subject: Re: [nat66] Terminology: Definition for "IPv6 Realm"? > > > On Apr 30, 2010, at 16:20, Chris Engel wrote: > > > > If NAT provides me exactly the functionality I want now....doesn't > > break any protocols/applications I want to use. The > > applications/protocols it breaks I ACTUALY WANT broken.... > why would I > > want to switch to RISP instead? > > I don't even know why you would want IPv6. It doesn't seem > to buy you anything that you don't already have with IPv4/NAT. > > I was merely countering your assertion that NAT is required > to prevent unique-local routing topology from being exposed > to exterior domains. It isn't, as the example of RSIP > demonstrates. Concerns about reachability and stateful flow > tracking can be handled orthogonally with things like > I-D.ietf-v6ops-cpe-simple-security. > > Look, I'm not trying to persuade you that you shouldn't use > NAT at your borders-- indeed, as I said before, your plan to > stay IPv4-only on local networks and to rely on NAT46 > gateways to communicate with exterior IPv6 networks is a > perfectly reasonable one. You should go do that. It sounds > to me like the optimal solution for you. > > > -- > > james woodyatt <[email protected]> > member of technical staff, communications engineering > > > _______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
