It's looking more and more like NAT64 will be in our future. One of the
valid concerns for NAT64 - much like NAT44 - is being able to determine
the identity of a given user through the NAT at a given point in time.
How feasible this is depends on how robust/scalable $XYZ's translation
logging capabilities are, and possibly how easily that data can be matched
against a source of identify information, such as RADIUS accounting logs,
DHCP lease logs, etc.
Other IPv6 transition mechanisms appear to be no less thorny than NAT64
for a variety of reasons.
I'm curious to see how others are planning to tackle (or already have
tacked) this issue. Discussing vendor-specific solutions is fine, but I
think keeping things as platform/vendor agnostic as possible for the time
being would allow this thread to be more beneficial to a wider audience.
The floor is open...
jms
- NAT64 and matching identities Justin M. Streiner
-
