On 2008-02-18 14:30, Terry Gray wrote:
>> That's a terrible idea, because it would pander to the myths that
>> NAT is a security or policy tool.
>
> Brian,
> Several comments in this thread have suggested that security is the
> primary driver for NAT.
>
> While it is surely a factor, I believe the dominant driver for NAT is
> addressing autonomy.
For enterprise networks, certainly, coupled with multihoming.
But absolutely not for SOHO networks, where the dominant driver
is having address space for a LAN.
>
> Unless/until enterprise (or even home) network operators have some
> number of bits of address to call their own, without risk of forced
> change or being held hostage to their ISP, you will have NAT for v6
> just like for v4. I think you can take that to the bank.
No, you'll have pressure for PI space, which we already see.
As for how to make PI-addressed sites globally reachable without
a scaling problem for the WAN routing system, see the RRG list,
which is really aimed at that challenge IMHO. There's certainly
no need to rush into NAT for that reason. We don't have an
*imminent* scaling problem in IPv6 WAN routing.
>
> (Note that autoconf doesn't remove this need... enterprise operators
> will have local host addresses sprinkled throughout a plethora of
> departmental traffic disruption appliances, so renumbering will be
> viewed by many as a non-starter.)
Yes, which is why I'm a strong supporter of ULAs. There's no reason
your printers or internal-only servers need globally reachable addresses.
Brian
_______________________________________________
Ietf@xxxxxxxx
http://www.ietf.org/mailman/listinfo/ietf