>> And there's always IPv8... Wasn't that IPv9 fun? ;) -Thaddeus -----Original Message----- From: Tim Chown [mailto:tjc@xxxxxxxxxxxxxxx] Sent: Dienstag, 28. März 2006 07:09 To: ietf@xxxxxxxx Subject: Re: Stupid NAT tricks and how to stop them. On Tue, Mar 28, 2006 at 01:54:52AM -0800, Michel Py wrote: > > Tim Chown wrote: > > If you deploy IPv6 NAT, you may as well stay with IPv4. > > You're the one who convinced me some three years ago that there will be > IPv6 NAT no matter what, what's the message here? I think there will be IPv6 NAT, because some people will want it. That doesn't mean it's rational to deploy it :) > > See also > http://www.ietf.org/internet-drafts/draft-ietf-v6ops-nap-02.txt > > Remember: Users don't read drafts/RFCs. And users don't walk into PC World and say 'I'd like a NAT router for my home network please'. They probably ask for a broadband modem, or something that doesn't specify NAT. > > We have deployed IPv6 in our enterprise (throughout). > > Could you have done it if you did not have the > research dollars^H^H^H^H pounds? While we ironed out many issues with research funding assistance in 6NET, I would say the deployment we have now could be done as part of a natural evolutionary procurement process. The 'cost' is real terms is not that high. We have had to invest time in updating OSS-type elements, but much of the rest comes 'out of the box'. I guess we would have had some training costs as a 'normal' enterprise, but we've helped address that in the academic community by running hands-on IPv6 workshops (just as the Internet2 people do for their community). > Phillip, there a few (such as: NAT typically requires hard state, which > is a pain to replicate if there is more than one edge router). NAT is > not completely evil, but it's far from being clean. Pretending that > there are no good reasons against NAT is going to achieve the same as > trying to eliminate it: nothing. I note Phillip's extremes of view on IPv6 and DNSSEC. It's interesting to compare how critical these two elements are, and his views on them. > Yes, and since site-locals have been deprecated they will also hijack an > unallocated block of addresses to use as private, same what happened > prior to RFC 1597 for the very same reasons (difficult/pricey to get > PI). There are now ULAs, http://www.ietf.org/rfc/rfc4193.txt. > When people will begin to scream bloody murder to use the extended bits > (because v4 is getting near exhaustion) the infrastructure could be > already in place, and then the pressure will be on software developers > to recode their stuff with 128-bit addresses. When that has happened, > then we can make use of all these reserved fields for better purposes, > and possibly allocate PI to everybody which is another pre-requisite to > get rid of NAT. And there's always IPv8 ;) -- Tim/::1 _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf