> Ralph Droms wrote: > Would someone with first-hand knowledge of the reasons "several > major corporations publicly indicate that they intend to use NAT > with IPv6" be willing to compare those reasons with the reasons > listed in draft-vandevelde-v6ops-nap-01, and identify any reasons > that might be missing from Gunter's document? Might be useful to > consider extending draft-vandevelde-v6ops-nap-01 to address all > the known reasons for IPv6 NAT. I'm not into this anymore, but two of the reasons are: 1. Significant numbers of enterprise network operators do not want multiple addresses per host. It makes everything more complex: access control, troubleshooting, internal firewalling, documentation, etc. And during the transition, it also creates a network with two different models. NATting at the edge instead is not a free lunch, but it is well-known and maintains a single-model, simpler network. Stateful firewalls capable of dealing with multi-address hosts that change IP addresses on the fly will be a significant challenge. 2. Renumbering. There are enough people that have renumbered on a flag day that will tell why they won't do it again, and renumbering without a flag day is a huge amount of work, which is why organizations that had to renumber moved behind NAT, with a sentence that I heard many times: "I don't want to go through this <bleep> again". It is my guess that on networks that deploy IPv6 ULAs will be successful as the unique host address on the inside, and be NATted if they can't be routed. IPv6 NAT is easier than IPv4 NAT (no ambiguity); I don't see how you could prevent its deployment, it won't take long to port v4 NAT helpers to v6 as soon as there is market demand. Michel. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf