nanog mailing list archives
Re: NAT444 or ?
From: Douglas Otis <dotis () mail-abuse org>
Date: Fri, 02 Sep 2011 10:44:59 -0700
On 9/1/11 11:52 AM, Cameron Byrne wrote:
On Thu, Sep 1, 2011 at 11:36 AM, Serge Vautour<sergevautour () yahoo ca> wrote:Hello, Things I understand: IPv6 is the long term solution to IPv4 exhaustion. For IPv6 to work correctly, most of the IPv4 content has to be on IPv6. That's not there yet. IPv6 deployment to end users is not trivial (end user support, CPE support, etc...). Translation techniques are generally evil. IPv6->IPv4 still requires 1 IPv4 IP per end user or else you're doing NAT. IPv4->IPv6 (1-1) doesn't solve our main problem of giving users access to the IPv4 Internet.Correct, all content is not there yet... but World IPv6 Day showed that Google, Facebook, Yahoo, Microsoft and 400+ others are just about ready to go. http://en.wikipedia.org/wiki/World_IPv6_Day IPv6->IPv4 does not require 1 to 1, .... any protocol translation is a form of NATish things, and stateful NAT64 has many desirable properties IF you already do NAT44. Specifically, it is nice that IPv6 flows bypass the NAT .... and as more content becomes IPv6, NAT becomes less and less used. In this way, unlike NAT44 or NAT444, NAT64 has an exit strategy that ends with proper E2E networking with IPv6... the technology and economic incentives push the right way (more IPv6...) Have a look at http://tools.ietf.org/html/rfc6146 There are multiple opensource and big vendor (C, J, B, LB guys...) implementation of NAT64 / DNS64 ... I have trialed it and plan to deploy it, YMMV... It works great for web and email, not so great for gaming and Skype.
http://tools.ietf.org/html/rfc6333 http://tools.ietf.org/html/draft-bpw-pcp-nat-pmp-interworking-00 moves CPE NAT to the ISP tunneled over 192.0.0.0/29.
Has anyone deployed NAT444? Can folks share their experiences? Does it really break this many apps? What other options do we have?Yes, expect it to be deployed in places where the access gear can only do IPv4 and there is no money or technology available to bring in IPv6.
A false economy when support outweigh CPE cost. -Doug
Current thread:
- NAT444 or ? Serge Vautour (Sep 01)
- Re: NAT444 or ? Cameron Byrne (Sep 01)
- Re: NAT444 or ? Douglas Otis (Sep 05)
- Re: NAT444 or ? Arturo Servin (Sep 06)
- Re: NAT444 or ? Tore Anderson (Sep 07)
- Re: NAT444 or ? Randy Bush (Sep 07)
- RE: NAT444 or ? Leigh Porter (Sep 07)
- Re: NAT444 or ? Randy Bush (Sep 07)
- RE: NAT444 or ? Leigh Porter (Sep 07)
- Re: NAT444 or ? Daniel Roesen (Sep 07)
- RE: NAT444 or ? Leigh Porter (Sep 07)
- Re: NAT444 or ? Geoff Huston (Sep 07)
- Re: NAT444 or ? Seth Mos (Sep 07)
- Re: NAT444 or ? Tore Anderson (Sep 07)
- Re: NAT444 or ? Cameron Byrne (Sep 01)