Re: IPv6 NAT?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




--On Monday, 18 February, 2008 16:33 +1300 Brian E Carpenter
<brian.e.carpenter@xxxxxxxxx> wrote:

>> While it is surely a factor, I believe the dominant driver
>> for NAT is  addressing autonomy.
> 
> For enterprise networks, certainly, coupled with multihoming.
> But absolutely not for SOHO networks, where the dominant driver
> is having address space for a LAN.

Brian,

I suggest that it isn't that simple.  The following drivers are,
IMO, very important for SOHO networks.  I won't try to judge
"dominant" but suggest that the first is very important to those
ISPs who provide connectivity and support to SOHO networks and
that, in many cases, they and not the end-user are the customer
for both equipment and addressing architectures.

(1) With NATs, every SOHO network (or at least every SOHO
network an ISP can claim with a straight face to support) has
exactly the same topology and addressing architecture.  That
makes customer support much cheaper because one does not have to
figure out how to parameterize the little scripts from which
people select and read.

(2) Security and address-hiding.   While we know that the
advantages of this via NAT are not significant, that hasn't
prevented the marketing hype and the selling on NATs --or NATs
plus a little packet inspection and lightweight versions of
other firewall functions-- on that basis.    If one accepts the
belief that any marketing strategy that works is unlikely to be
discontinued, this motivation for NATs won't go away.  Worse, if
we figure out how to eliminate it for IPv6, its effectiveness
for IPv4 networks will impede the deployment of IPv6.

(3) LAN configuration.  While IPv6 autoconfiguration may be a
better solution, the available user-interface and user-useable
tools for managing LANs with NAT, DHCP, and MAC addresses are
far superior to anything we have available and well-documented
for NAT-less, multiple-address-per-host IPv6.  That won't change
until the boundary devices change and due consideration is given
to the knowledge, skills, and patience of the typical "network
manager" of the SOHO network.   This is probably a non-issue as
long as all of the machines on the LAN are pure clients but, as
Keith points out, pure-client machines are fairly rare and
becoming more rare.  Certainly, as soon as one installs the
first on-LAN file server or printer, one either has to face
configuration issues or resource discovery protocols that tend
to work poorly (or at least to be confusing) as soon as there
are more than one device of a given type.

(4) Multihoming.  While it may not be general or obvious yet,
I'm seeing a slowly growing trend toward wanting to attach SOHO
networks to two (occasionally more) ISPs, whether on a
load-sharing or a fallover basis.  This is done in the hope that
both ISPs won't be incompetent on the same day and in
recognition that two "residential" connections are typically
still a lot cheaper than one "business" connection, even when
the latter comes with real support and an SLA.  There are
relatively inexpensive and relatively easy-to-manage devices on
the market that support dual connections.  They all use NATs,
even when the addresses facing one or both WANs are public.

There may be others, and probably are, but dismissing these as
unimportant is a way to become irrelevant, not to either get rid
of NATs or to encourage IPv6 deployment.

   john





_______________________________________________

Ietf@xxxxxxxx
http://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]