nanog mailing list archives

Re: IP4 Space


From: Owen DeLong <owen () delong com>
Date: Mon, 22 Mar 2010 22:13:27 -0700


On Mar 22, 2010, at 9:39 PM, Daniel Senie wrote:


On Mar 22, 2010, at 6:53 PM, Stan Barber wrote:

In this case, I am talking about an IPv6<->IPv6 NAT analogue to the current IPv4<->IPv4 NAT that is widely used with 
residential Internet service delivery today.

I believe that IPv6 having a much larger pool of addresses and each residential customer getting a large chunk of 
addresses will make IPv6<->IPv6 NAT unnecessary. I also believe that there will be IPv6 applications that require 
end-to-end communications that would be broken where NAT of that type is used. Generally speaking, many users of the 
Internet today have not had the luxury to experience the end-to-end model because of the wide use of NAT.

End-to-end applications will face much of the same interruption issues in the future as today. They will face 
firewall equipment that inspects the packet stream and purposefully blocks applications that are potentially harmful 
(e.g. vectors for systems infection). While the address translation part of stateful inspection firewall processing 
may not be used for IPv6, all other aspects of firewall function will be as applicable to IPv6 packets as they are to 
IPv4.

Sure, but, for the most part, it is the address translation part that does unintended damage to end-to-end protocols.
The stateful inspection is intended interference, so usually a work-around is undesirable. In the case of NAT, there's
often a need for a workaround due to the unintended consequences. Hence the creation of STUN, SNAT, UPnP, etc.


Given that these customers don't routinely multihome today, I currently believe that behavior will continue. 
Multihoming is generally more complicated and expensive than just having a single connection with a default route 
and most residential customers don't have the time, expertise or financial support to do that. So, the rate of 
multihoming will stay about the same even though the number of potential sites that could multihome could increase 
dramatically as IPv6 takes hold.

I deal more with small businesses than residences, but I will take issue with the premise presented. Today there are 
many products, especially firewalls, that allow "multihoming" of a sort using multiple upstream connections in 
conjunction with IPv4 and NAT. This is fairly simple, and can allow smaller offices, such as a company's field 
offices to combine multiple broadband connections, such as a cable modem and a DSL connection, to attain higher 
reliability and increased bandwidth.

Albeit with a number of less than ideal tradeoffs vs. a BGP-based multihoming solution.

With the smaller routing table afforded by IPv6, this will be less expensive. As a result, I
suspect there will be more IPv6 small multihomers.

That's generally a good thing.

Because these appear to be just two broadband customer modems in one location (whether small business or residence), 
you cannot easily determine that such combining is being done.

As this is a VERY useful, and well-used capability, it will be interesting to see what the vendors choose to offer in 
their equipment as IPv6 support improves.


It's pretty easy to do this in IPv6 without NAT.  Just advertise both prefixes in the RA from the device and you're 
done.

Owen


