Re: FW: Why?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In message <DD7FE473A8C3C245ADA2A2FE1709D90B1C828F@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
ento.ca.us>, "Michel Py" writes:
>> Ralph Droms wrote:
>> Would someone with first-hand knowledge of the reasons "several
>> major corporations publicly indicate that they intend to use NAT
>> with IPv6" be willing to compare those reasons with the reasons
>> listed in draft-vandevelde-v6ops-nap-01, and identify any reasons
>> that might be missing from Gunter's document? Might be useful to
>> consider extending draft-vandevelde-v6ops-nap-01 to address all
>> the known reasons for IPv6 NAT.
>
>I'm not into this anymore, but two of the reasons are:
>
>1. Significant numbers of enterprise network operators do not want
>multiple addresses per host. It makes everything more complex: access
>control, troubleshooting, internal firewalling, documentation, etc. And
>during the transition, it also creates a network with two different
>models. NATting at the edge instead is not a free lunch, but it is
>well-known and maintains a single-model, simpler network. Stateful
>firewalls capable of dealing with multi-address hosts that change IP
>addresses on the fly will be a significant challenge.
>

Actually, NATting at the edge is a disaster for a lot of those reasons, 
because of the difficulty it causes when you receive external trouble 
reports -- who caused it?

		--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb



_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]