nanog mailing list archives
Re: quietly....
From: Owen DeLong <owen () delong com>
Date: Tue, 1 Feb 2011 15:11:57 -0800
On Feb 1, 2011, at 2:43 PM, David Barak wrote:
________________________________ From: Owen DeLong <owen () delong com> David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.comIf you're determined to destroy IPv6 by bringing the problems of NAT forward with you, then, I'm fine with you remaining in your >IPv4 island. I'm willing to bet that most organizations will embrace an internet unencumbered by the brokenness that is NAT and >move forward. I do not think that lack of NAT has been a significant barrier to IPv6 adoption, nor do I think it will be.Lack of NAT may or may not continue to be a barrier to IPv6 adoption. However, it certainly *has* been a barrier to IPv6 adoption - I have had customers tell me that explicitly, and I have no reason to doubt them.
I'm sure there are a few isolated places where IPv6 might have been adopted if it hadn't been for the fact that nobody has educated them on the alternatives. However, I'm not convinced there are very many of them. Most of the people I have had more detailed conversations with go something like this: X: We con't implement IPv6 because there's no NAT and we depend on NAT. O: Why do you depend on NAT? All it does is conserve addresses? X: We use it for address obfuscation and security. We have to meet PCI-DSS and other audit criteria. O: Well, the latest PCI-DSS doesn't require NAT. Additionally, you can get better address obfuscation with privacy addresses. All the security in NAT comes from stateful inspection. You can still do that in IPv6, you just don't rewrite the address in the packet. X: You've got an answer for everything, don't you? O: Well, I've been doing IPv6 for a few years now. It works pretty well for me and I'm really glad I don't have to deal with the problems caused by NAT. X: Well, OK, but, even if we ignore NAT, we're still not ready to do IPv6. Then we discuss their real issues stopping them from going to IPv6. So... I think there are a lot more people using NAT as an excuse than there are people that would actually implement IPv6 if we just gave them NAT. In any case, I think as they find their NATv4 environment becoming an island disconnected from the internet, they'll probably reconsider that decision. I'm OK with waiting until that time for those people to connect to IPv6. Owen
Current thread:
- Re: quietly...., (continued)
- Re: quietly.... Owen DeLong (Feb 02)
- Re: quietly.... John Curran (Feb 01)
- Re: quietly.... Geoff Huston (Feb 02)
- Re: quietly.... Matthew Petach (Feb 02)
- Re: quietly.... Rene Wilhelm (Feb 02)
- Re: quietly.... Geoff Huston (Feb 01)
- Re: quietly.... Jack Bates (Feb 01)
- Re: quietly.... Valdis . Kletnieks (Feb 01)
- Re: quietly.... Owen DeLong (Feb 01)
- Re: quietly.... David Barak (Feb 01)
- Re: quietly.... Owen DeLong (Feb 01)
- Re: quietly.... Jay Ashworth (Feb 02)
- Re: quietly.... Blake Dunlap (Feb 02)
- Re: quietly.... Jay Ashworth (Feb 02)
- Re: quietly.... Mark Andrews (Feb 02)
- Re: quietly.... Jay Ashworth (Feb 02)
- Re: quietly.... Matthew Palmer (Feb 02)
- Re: quietly.... Jay Ashworth (Feb 02)
- Re: quietly.... Matthew Palmer (Feb 02)
- Re: quietly.... Owen DeLong (Feb 02)
- Re: quietly.... Jack Bates (Feb 03)