On 4-okt-2007, at 14:36, Iljitsch van Beijnum wrote:
I would be interested to know how many people favor each of the
following approaches. Feel free to send me private email and I'll
summerize.
I only got three replies, which don't really support drawing many
conclusions.
1. Keep NAT
On 4-okt-2007, at 17:50, Stephen Sprunk wrote:
Hence uPnP and NAT-PMP plus about half a dozen protocols
the IETF is working on.
uPNP is moderately successful in the consumer space; it still
doesn't work very well today, and it won't work at all in a few
years when ISPs are forced to put
On Thu, 04 Oct 2007 22:35:33 +0200, Iljitsch van Beijnum said:
Business folks once ruled the internet but those days are over. The
consumer is king.
Given yesterday's RIAA victory in their lawsuit in Minnesota, I expect the
RIAA will start lobbying for more ways to easily identify the
On Fri, 05 Oct 2007 17:42:05 +0200, Mohacsi Janos said:
Except if you are using privacy enhanced ipv6 addresses a la RFC 3041
Which is more likely:
1) The RIAA successfully lobbies for a network that basically prohibits rfc3041.
2) The consumers successfully lobby for a network that
On Fri, 05 Oct 2007 18:56:48 +0200, Mohacsi Janos said:
controller can force enable/disable. I don't see how RIAA can lobby for
switching off privacy enhancement - disabling certain component of the
operating system?.
Consider the fact that they lobbied *and got* 17 USC 512 takedowns, and
Iljitsch van Beijnum wrote:
That isn't actually true. I could move to IPv6 and deploy a NAT-PT
box to give my customers access to the v4 Internet regardless of
whatever the rest of the community thinks.
And then you'll see your active FTP sessions, SIP calls, RTSP
sessions, etc fail.
On 4-okt-2007, at 13:36, Eliot Lear wrote:
That isn't actually true. I could move to IPv6 and deploy a NAT-PT
box to give my customers access to the v4 Internet regardless of
whatever the rest of the community thinks.
And then you'll see your active FTP sessions, SIP calls, RTSP
sessions,
Thus spake Iljitsch van Beijnum [EMAIL PROTECTED]
On 2-okt-2007, at 15:56, Stephen Sprunk wrote:
Second, the ALGs will have to be (re)written anyways to deal
with IPv6 stateful firewalls, whether or not NAT-PT happens.
That's one solution. I like the hole punching better because it's more
On 2-okt-2007, at 16:53, Mark Newton wrote:
By focussing on the mechanics of inbound NAT traversal, you're
ignoring the fact that applications work regardless. Web, VoIP,
P2P utilities, games, IM, Google Earth, you name it, it works.
O really? When was the last time you successfully
On 2-okt-2007, at 16:55, Mark Newton wrote:
ALGs are not the solution. They turn the internet into a telco-like
network where you only get to deploy new applications when the powers
that be permit you to.
No, they turn the Intenret into a network where you only get to
deploy new IPv4
On 2-okt-2007, at 15:56, Stephen Sprunk wrote:
Second, the ALGs will have to be (re)written anyways to deal with
IPv6 stateful firewalls, whether or not NAT-PT happens.
That's one solution. I like the hole punching better because it's
more general purpose and better adheres to the
On Tue, Oct 02, 2007, Iljitsch van Beijnum wrote:
On 2-okt-2007, at 16:53, Mark Newton wrote:
By focussing on the mechanics of inbound NAT traversal, you're
ignoring the fact that applications work regardless. Web, VoIP,
P2P utilities, games, IM, Google Earth, you name it, it works.
O
On Tue, Oct 02, 2007 at 09:50:09PM +0200, Iljitsch van Beijnum wrote:
On 2-okt-2007, at 16:55, Mark Newton wrote:
So everyone will deploy IPv6 applications, which require no ALGs,
instead.
Isn't that a solution that everyone can be happy with?
Well, I can think of a couple of things
On Tue, Oct 02, 2007 at 10:07:19PM +0200, Iljitsch van Beijnum wrote:
IPv6 will happen. Eventually. And it'll have deficiencies which
some believe are severe, just like the IPv4 Internet. Such as
NAT. Deal with it.
If you want NAT, please come up with a standards document that
- IPv4 vs IPv6 is completely invisible to the user. I regularly run
netstat or tcpdump to see which I'm using, I doubt many people will do
that. So if IPv6 works and IPv4 doesn't, that will look like random
breakage to the untrained user rather than something they can do
something about.
On Tue, Oct 02, 2007 at 10:33:43PM +0200, Iljitsch van Beijnum wrote:
On 2-okt-2007, at 16:10, Stephen Sprunk wrote:
You can't trust the OS (Microsoft? hah!), you can't trust the
application (malware), and you sure as heck can't trust the user
(industrial espionage and/or social
- If we do NAT-PT and the ALGs are implemented and then the
application workarounds around the ALGs, it's only a very small
step to wide scale IPv6 NAT.
Perhaps it's a perspective issue, but I really don't see a problem
with that. If the network works, who cares?
well, the thing is that
On 3-okt-2007, at 9:42, Randy Bush wrote:
but the reality is ipv4 works and ipv6 doesn't.
It has very little deployment at this point in time, that's something
different.
and unless the ivory tower purists get off their doomed thrones,
ipv6 will die stillborn.
And unless the purists,
On Wed, Oct 03, 2007 at 12:02:31PM +0200, Iljitsch van Beijnum wrote:
The tricky part is that we're not going to agree on that as a
community, so the status quo will persist until someone cares enough
to do something drastic that moves the entire industry in one
direction or
That isn't actually true. I could move to IPv6 and deploy a
NAT-PT box to give my customers access to the v4 Internet
regardless of whatever the rest of the community thinks.
This whole debate is a complete waste of time,
Yup.
It would be more productive for everyone in the debate to
On 3-okt-2007, at 15:52, Mark Newton wrote:
The tricky part is that we're not going to agree on that as a
community, so the status quo will persist until someone cares enough
to do something drastic that moves the entire industry in one
direction or another.
That isn't actually true. I
It's seems we're always confusing NAT with PAT (or NAT overload, or
whatever else you want to call it). One to one NAT rarely breaks stuff.
NAT-PT would need to follow that model, otherwise, yes, things will
break. It seems like an IPv6-only ISP would need to operate the NAT-PT
boxes, and
break. It seems like an IPv6-only ISP would need to operate the NAT-PT
boxes, and dedicate a block of v4 addresses the size of the expected
concurrent online users to the NAT-PT box. Keep in mind that a v6 ISP
with 1 million customers won't need a million v4 addresses, for obvious
reasons.
-Original Message-
From: JAKO Andras [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 03, 2007 8:59 PM
To: Church, Charles
Cc: nanog@merit.edu
Subject: RE: Access to the IPv4 net for IPv6-only systems, was: Re: WG
Action: Conclusion of IP Version 6 (ipv6)
An IPv6-only ISP with enough
On 1-okt-2007, at 19:56, Stephen Sprunk wrote:
The problem with NAT-PT (translating between IPv6 and IPv4
similar to IPv4 NAT) was that it basically introduces all the NAT
ugliness that we know in IPv4 into the IPv6 world.
There is no IPv6 world. I've heard reference over and over to
how
What has happened? Well, application protocols have evolved to
accommodate NAT weirdness (e.g., SIP NAT discovery), and NATs have
undergone incremental improvements, and almost no end-users care about
NATs. As long as they can use the Google, BitTorrent and Skype, most
moms and dads
At 10:43 AM +0200 10/2/07, Iljitsch van Beijnum wrote:
When v4-only users get sick of going through a NAT-PT because it breaks a few
things, that will be their motivation to get real IPv6 connectivity and turn
the NAT-PT box off -- or switch it around so they can be a v6-only site
internally.
At 5:36 AM -0400 10/2/07, John Curran wrote:
...
tunnelling is still going to require NAT in the deployment mode once
IPv4 addresses are readily available.
c/are/are no longer/
(before my morning caffeine fix)
/John
On 2-okt-2007, at 11:36, John Curran wrote:
The proxytunnel vs NAT-PT differences of opinion are entirely based
on deployment model... proxy has the same drawbacks as NAT-PT,
The main issue with a proxy is that it's TCP-only. The main issue
with NAT-PT is that the applications don't know
At 1:50 PM +0200 10/2/07, Iljitsch van Beijnum wrote:
ALGs are not the solution. They turn the internet into a telco-like network
where you only get to deploy new applications when the powers that be permit
you to.
At the point in time that NAT-PR is used for backward
compatibility (because
On 2-okt-2007, at 14:08, John Curran wrote:
That's a wonderful solution, and you should feel free to use it.
It's particularly fun from a support perspective, because you
get to be involved all the way down the host level.
Tunneling IPv4 over IPv6 and translating IPv4 into IPv6 pretty much
On Tue, Oct 02, 2007, Iljitsch van Beijnum wrote:
Yes, but it's the IPv4 NAT we all know and love (to hate). So this
means all the ALGs you can think of already exist and we get to leave
that problem behind when we turn off IPv4. Also, not unimportant: it
allows IPv4-only applications
On 2-okt-2007, at 15:05, Adrian Chadd wrote:
Please explain how you plan on getting rid of those protocol-aware
plugins
when IPv6 is widely deployed in environments with -stateful
firewalls-.
You just open up a hole in the firewall where appropriate.
You can have an ALG, the application
On Oct 1, 2007, at 9:15 AM, John Curran wrote:
What happens if folks can somehow obtain IPv4 address blocks
but the cumulative route load from all of these non-hierarchical
blocks prevents ISP's from routing them?
[EMAIL PROTECTED] (David Conrad) writes:
Presumably, the folks with the
Thus spake Iljitsch van Beijnum [EMAIL PROTECTED]
On 1-okt-2007, at 19:56, Stephen Sprunk wrote:
There is no IPv6 world. I've heard reference over and over to how
developers shouldn't add NAT support into v6 apps, but
the reality is that there are no v6 apps. There are IPv4 apps
and IP
Thus spake Iljitsch van Beijnum [EMAIL PROTECTED]
On 2-okt-2007, at 15:05, Adrian Chadd wrote:
Please explain how you plan on getting rid of those protocol-
aware plugins when IPv6 is widely deployed in environments
with -stateful firewalls-.
You just open up a hole in the firewall where
On Tue, Oct 02, 2007 at 10:35:11PM +1300, Perry Lorier wrote:
What has happened? Well, application protocols have evolved to
accommodate NAT weirdness (e.g., SIP NAT discovery), and NATs have
undergone incremental improvements, and almost no end-users care about
NATs. As long as
On Tue, Oct 02, 2007 at 01:50:57PM +0200, Iljitsch van Beijnum wrote:
ALGs are not the solution. They turn the internet into a telco-like
network where you only get to deploy new applications when the powers
that be permit you to.
No, they turn the Intenret into a network where you
On Tue, Oct 02, 2007 at 01:57:15PM +, Paul Vixie wrote:
On Oct 1, 2007, at 9:15 AM, John Curran wrote:
What happens if folks can somehow obtain IPv4 address blocks
but the cumulative route load from all of these non-hierarchical
blocks prevents ISP's from routing them?
[EMAIL
On 10/2/07, Stephen Sprunk [EMAIL PROTECTED] wrote:
If you think anyone will be deploying v6 without a stateful firewall,
you're
delusional. That battle is long over. The best we can hope for is that
those personal firewalls won't do NAT as well.
Vendor C claims to support v6 (without
Thus spake Duane Waddle
On 10/2/07, Stephen Sprunk [EMAIL PROTECTED] wrote:
If you think anyone will be deploying v6 without a stateful firewall,
you're delusional. That battle is long over. The best we can hope
for is that those personal firewalls won't do NAT as well.
Vendor C claims to
Thus spake Iljitsch van Beijnum [EMAIL PROTECTED]
On 2-okt-2007, at 11:36, John Curran wrote:
The proxytunnel vs NAT-PT differences of opinion are entirely
based on deployment model... proxy has the same drawbacks
as NAT-PT,
The main issue with a proxy is that it's TCP-only. The main issue
i had a totally different picture in my head, which was of a rolling
outage of routers unable to cope with full routing in the face of
this kind of unaggregated/nonhierarchical table
been there done that
followed by a surge of bankruptcies and mergers and buyouts
and that is not what
and that is not what happened last time, so why should it happen
this time?
In fact, it's reasonable to assume that we will again filter
prefixes.
i agree but fear that it will be harder to find the filter algorithms
this time.
Hopefully, the ISP that is forced into this position will
End-to-end-ness is and has been busted in the corporate world AFAICT
for a number of years. IPv6 people seem to think that simply
providing
globally unique addressing to all endpoints will remove NAT and all
associated trouble. Guess what - it probably won't.
If you don't want
From: David Conrad:
snip
: Older routers will indeed fall over, as they are going to
: fall over when we go over 240K routes, so folks will upgrade.
I see we're pretty close to that: www.cidr-report.org/as2.0
Date Prefixes
03-10-07 239049
scott
Thus spake Iljitsch van Beijnum [EMAIL PROTECTED]
On 28-sep-2007, at 6:25, Jari Arkko wrote:
And make it works both way, v4 to v6 and v6 to v4.
And also don’t call it NAT-PT. That name is dead.
For what it is worth, this is one of the things that I want
to do. I don't want to give you an
Thus spake Iljitsch van Beijnum [EMAIL PROTECTED]
For the purpose of this particular discussion, NAT in IPv4 is basically a
given: coming up with an IPv4-IPv6 transition
mechanism that only works with if no IPv4 NAT is present both
defeats the purpose (if we had that kind of address space we
At 12:56 PM -0500 10/1/07, Stephen Sprunk wrote:
...
The fundamental flaw in the transition plan is that it assumes every host will
dual-stack before the first v6-only node appears. At this point, I think we
can all agree it's obvious that isn't going to happen.
NAT-PT gives hosts the
On Mon, 01 Oct 2007 14:39:16 EDT, John Curran said:
Now the more interesting question is: Given that we're going
to see NAT-PT in a lot of service provider architectures to make
deploying IPv6 viable, should it be considered a general enough
transition mechanism to be Proposed
At 3:11 PM -0400 10/1/07, [EMAIL PROTECTED] wrote:
So it boils down to Do you think that once that camel has gotten its nose
into the tent, he'll ever actually leave?.
(Consider that if (for example) enough ISPs deploy that sort of migration
tool, then Amazon has no incentive to move to IPv6,
Now the more interesting question is: Given that we're going
to see NAT-PT in a lot of service provider architectures to make
deploying IPv6 viable, should it be considered a general enough
transition mechanism to be Proposed Standard or just be a very
widely deployed Historic
Thus spake [EMAIL PROTECTED]
Historic usually refers to stuff we've managed to mostly stamp
out production use.
So it boils down to Do you think that once that camel has gotten
its nose into the tent, he'll ever actually leave?.
This particular camel will be here until we manage to get v4
On Mon, Oct 01, 2007 at 09:18:43PM -0500, Stephen Sprunk wrote:
That depends. If Amazon sees absolutely no ill effects from v6 users
reaching it via v4, then they obviously have little technical incentive to
migrate. OTOH, if that is true, then all the whining about how evil
NAT-PT
PROTECTED]
Responder a: [EMAIL PROTECTED]
Fecha: Sat, 29 Sep 2007 23:10:24 -0400
Para: Iljitsch van Beijnum [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Asunto: Re: Access to the IPv4 net for IPv6-only systems, was: Re: WG Action:
Conclusion of IP Version 6 (ipv6)
At 11:13 PM +0200 10/21/07
55 matches
Mail list logo
