[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SIIT/NAT64 is similar to RSIP
>> bzzzt. wrong.
>> if your FTP client is IPv6-only, it will issue EPSV/EPRT with protocol
>> #2. FTP server on the other end is IPv4-only, which does not
>> understand it.
>BZZZZ.. Wrong. :-)
>This goes to the NAT64 box which does the translation the same way
>NAT-PT would do!
hmm, then that's the fundamental difference between NAT64 and SIIT.
NAT64 does rewrite the content of the packet, which means,
- support nightmare just like we had in IPv4-to-IPv4 NAT, just like
NAT-PT,
- you can't put multiple NAT64 boxes in your site border (= scalability
problem) just like NAT-PT.
- NAT64 box has to deal with fragmentation issue just like NAT-PT.
- NAT64 translator box is stateful, and single point of failure,
just like NAT-PT.
draft-durand-ngtrans-nat64-nat46-00.txt is not clear enough about it
(or i wasn't careful when reading it), and i'm not happy with "scalable
NAT mechanism" written in the abstract of the draft. it doesn't scale.
anyways, you didn't answer my first question - how do you collocate
IPv4 firewall and NAT64 into the same box?
itojun