It's a security and operational issue. The perception is that it's easier to monitor, manage, and filter one address per host instead of 3. For most in the enterprise world it's a non-starter to have that setup; even if that perception is a false one.
Not sure I have the energy to re-hash the tired old NAT debate though. ;-) On Tue, Jun 14, 2011 at 1:38 PM, <valdis.kletni...@vt.edu> wrote: > On Tue, 14 Jun 2011 13:04:11 EDT, Ray Soucy said: > >> A better solution; and the one I think that will be adopted in the >> long term as soon as vendors come into the fold, is to swap out >> RFC1918 with ULA addressing, and swap out PAT with NPT; then use >> policy routing to handle load balancing and failover the way most >> "dual WAN" multifunction firewalls do today. >> >> Example: >> >> Each provider provides a 48-bit prefix; >> >> Internally you use a ULA prefix; and setup prefix translation so that >> the prefix gets swapped appropriately for each uplink interface. This >> provides the benefits of "NAT" used today; without the drawback of >> having to do funky port rewriting and restricting incoming traffic to >> mapped assignments or UPnP. > > Why do people insist on creating solutions where each host has exactly one > IPv6 > address, instead of letting each host have *three* (in this case) - a ULA and > two provider-prefixed addresses? > -- Ray Soucy Epic Communications Specialist Phone: +1 (207) 561-3526 Networkmaine, a Unit of the University of Maine System http://www.networkmaine.net/
