On Mar 22, 2010, at 9:39 PM, Daniel Senie wrote:

> On Mar 22, 2010, at 6:53 PM, Stan Barber wrote:
>
>> In this case, I am talking about an IPv6<->IPv6 NAT analogue to the current
>> IPv4<->IPv4 NAT that is widely used with residential Internet service
>> delivery today.
>>
>> I believe that with IPv6 having a much larger pool of addresses and each
>> residential customer getting a large chunk of addresses will make
>> IPv6<->IPv6 NAT unnecessary. I also believe that there will be IPv6
>> applications that require end-to-end communications that would be broken
>> where NAT of that type is used. Generally speaking, many users of the Internet
>> today have not had the luxury to experience the end-to-end model because of
>> the wide use of NAT.
>
> End-to-end applications will face much of the same interruption issues in the
> future as today. They will face firewall equipment that inspects the packet
> stream and purposefully blocks applications that are potentially harmful
> (e.g. vectors for systems infection). While the address translation part of
> stateful inspection firewall processing may not be used for IPv6, all other
> aspects of firewall function will be as applicable to IPv6 packets as they
> are to IPv4.
>

Sure, but, for the most part, it is the address translation part that does
unintended damage to end-to-end protocols. The stateful inspection is intended
interference, so usually a work-around is undesirable. In the case of NAT,
there's often a need for a workaround due to the unintended consequences.
Hence the creation of STUN, SNAT, UPNP, etc.
>>
>> Given that these customers today don't routinely multihome today, I
>> currently believe that behavior will continue. Multihoming is generally more
>> complicated and expensive than just having a single connection with a
>> default route and most residential customers don't have the time, expertise
>> or financial support to do that. So, the rate of multihoming will stay about
>> the same even though the number of potential sites that could multihome
>> could increase dramatically as IPv6 takes hold.
>
> I deal more with small businesses than residences, but I will take issue with
> the premise presented. Today there are many products, especially firewalls
> that allow "multihoming" of a sort using multiple upstream connections in
> conjunction with IPv4 and NAT. This is fairly simple, and can allow smaller
> offices, such as a company's field offices to combine multiple broadband
> connections, such as a cable modem and a DSL connection, to attain higher
> reliability and increased bandwidth.
>

Albeit with a number of less than ideal tradeoffs vs. a BGP-based multihoming
solution. With the smaller routing table afforded by IPv6, this will be less
expensive. As a result, I suspect there will be more IPv6 small multihomers.
That's generally a good thing.

> Because these appear to be just two broadband customer modems in one location
> (whether small business or residence), you cannot easily determine that such
> combining is being done.
>
> As this is a VERY useful, and well-used capability, it will be interesting to
> see what the vendors choose to offer in their equipment as IPv6 support
> improves.
>

It's pretty easy to do this in IPv6 without NAT. Just advertise both prefixes
in the RA from the device and you're done.

Owen

