RE: Netfilter (Linux) Does IPv6 NAT

Dear Martin, 

> > I think you're confused. Whatever IPv6 source address is in the
> > outgoing packet from the CPE is bound 1:1 to the subscriber. You can't
> > conceal the address of the subscriber, if you ever want to get any
> > packets back.
> 
> The outgoing packet is bound 1:1 to the ISP of the subscriber, and only
> the ISP knows to which of his customers he is routing the datagrams
> during any specific point in time.  The DHCP lease should be 24h at
> most and the ISP is bound by data protection laws to not make the
> mapping publicly accessible except under very specific legal
> exceptions.

I do not know if this is a current environment, or what you would like to see (A reference would be good).

If you wish to rotate through address space, you could still use the 24 hour lease either as a replacement for or in addition to your static prefix in IPv6, but you do not need to use NAT.

One would use DHCPv6-PD to request the lease for a period, Router Advertise it downstream to your devices, which use it only for 24h, and at the end of the time return the prefix to the pool.

The mapping then becomes a routing one, rather than a NAT one, and the routing mapping only exists as long as the connection is available (if using PPP) AND the DHCP lease is held (under the same rules or laws you indicate).

While I do not think there is an option to "return this prefix to the pool, and assign me a different prefix", it would be "trivial" to implement, and would not create a barrier to sessions like NAT would.  (Note that I would decouple the prefix return and assignment to de-link them in time).

This is presented as a counter-example to "NAT is the answer", because this is a technologist perspective, and there are other solutions.  What we should really be doing is engaging with industry to identify the actual need, not choosing technical paths because of their feasibility in code.


Sincerely,

Greg Daley
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
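
As an added illustration of the lease-bound routing mapping described in the message above (not part of the original post, and not any real DHCPv6 server's API): a toy Python model in which the subscriber-to-prefix mapping is a route that exists only while the lease is held, including the hypothetical "assign me a different prefix" operation with return and assignment decoupled in time. The class and method names, the 2001:db8::/52 pool and the /56 delegation size are assumptions.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class DelegatingRouter:
    """Toy ISP-side model: DHCPv6-PD pool plus the routes its leases create."""
    pool: str = "2001:db8::/52"      # constructed pool (documentation space)
    delegated_len: int = 56          # assumed delegation size
    lease_seconds: int = 24 * 3600   # the 24 h lease from the thread
    free: list = field(default_factory=list)
    routes: dict = field(default_factory=dict)  # prefix -> (subscriber, expiry)

    def __post_init__(self):
        net = ipaddress.IPv6Network(self.pool)
        self.free = list(net.subnets(new_prefix=self.delegated_len))

    def delegate(self, subscriber, now):
        """Lease a prefix; the subscriber mapping is just this route."""
        prefix = self.free.pop(0)
        self.routes[prefix] = (subscriber, now + self.lease_seconds)
        return prefix

    def release(self, prefix):
        """Return the prefix to the back of the pool; the mapping is gone."""
        del self.routes[prefix]
        self.free.append(prefix)

    def rotate(self, old_prefix, now, drain_seconds):
        """Hypothetical 'assign me a different prefix': the new prefix is
        delegated now, the old one is returned only after a drain period."""
        subscriber, expiry = self.routes[old_prefix]
        self.routes[old_prefix] = (subscriber, min(expiry, now + drain_seconds))
        return self.delegate(subscriber, now)

    def lookup(self, address, now):
        """Which subscriber, if any, is this address routed to at time now?"""
        for p in [p for p, (_, exp) in self.routes.items() if exp <= now]:
            self.release(p)          # lease ended: route withdrawn
        addr = ipaddress.IPv6Address(address)
        for prefix, (subscriber, _) in self.routes.items():
            if addr in prefix:
                return subscriber
        return None
```

During the drain window both prefixes route to the same subscriber, so existing sessions on the old prefix keep working; once it is released, an address from the old prefix no longer maps to anyone.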

