On 03/28/06 at 7:00am +0200, Anthony G. Atkielski <anthony@xxxxxxxxxxxxx> wrote:
> Keith Moore writes:
>
> > don't think upgrade; think coexistence.
>
> How do IPv4 and IPv6 coexist? Like ASCII and EBCDIC, perhaps?

Um, have you heard of dual stack? My Windows XP does it quite transparently (after I enable IPv6 at the command line), and presumably Vista will do IPv4/IPv6 dual stack transparently without any command-line enabling.

> > As an engineer, the right thing to do is to transition away from NAT
> > (along with IPv4), so that eventually it can be discarded.
>
> I'm not aware of a smooth transition option; how does it work?

OS's (and anything with a TCP/IP stack) start looking for both IPv4 and IPv6 connectivity at connect time (DHCP for v4, DHCPv6 or RA's for IPv6). If an ISP has enabled IPv6 on their network, the IP stack gets an IPv4 address and one or more IPv6 addresses. When it goes to talk to a host with a v4 address, it uses v4. To talk to a v6 host, it uses v6. If a network wants to stop giving out v4 addresses, they provide v4/v6 translation capabilities of some sort.

> And NAT is economically driven. Unless ISPs stop charging for extra
> addresses, it's here to stay.

As I argued in another message, IMO ISPs will not be able to charge extra for an IPv6 /64. That gives you basically as many hosts as your routing/switching gear can handle on a single subnet (as you won't be able to put 2^64 hosts on a single broadcast domain).

> > for some applications, it's simply impractical; for other apps, it's
> > much more expensive (in terms of added infrastructure and support costs)
> > to operate them in the presence of NAT. in either case the market for
> > those apps is greatly reduced, and the apps are more expensive as a result.
>
> It might still be cheaper than converting them to IPv6.

As long as you already have v6-capable gear, enabling IPv6 shouldn't be significantly more expensive than running v4. IMO it doesn't make sense to try to run v6 on gear that only supports v4, but since pretty much all new gear supports v6 now, folks should be able to gradually turn on v6 as appropriate in their networks.

> > again, this doesn't really solve the problem - it only nibbles off a
> > small corner of it. NATs do harm in several different ways - they take
> > away a uniform address space, they block traffic in arbitrary
> > directions, they hamper appropriate specification of security policies,
> > and these days they often destroy transparency.
>
> Agreed, but they reduce the amount of money you must pay to your ISP
> each month by a factor of ten or more.

Your ISP charges you 9 times as much for IPv4 addresses as they do for bandwidth? I'd recommend switching ISPs. All the ones I've seen charge a small premium for additional IP space, but it's never more than about a 50% premium.

> > the reason this looks so complicated compared to NATs is that NATs never
> > really worked all of this stuff out. NATs started with a simple design,
> > pretended it would work well without doing the analysis, and have been
> > trying to fix it with bizarre hacks ever since that have only made the
> > problem worse.
>
> People will go to great lengths sometimes to save money.

Or to avoid hassle. I have a single IP on my DSL, and run NAT, mainly because it's not worth the hassle to get additional IPv4 space. However, as soon as my ISP starts offering IPv6 with DHCPv6 Prefix Delegation, I'll upgrade my NAT box to something that supports DHCPv6-PD. That might be a Linksys/D-Link/Netgear box, or it might be a PC running Linux.

-Scott

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf