[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bridging IPv6 only networks



[ post by non-subscriber.  with the massive amount of spam, it is easy to
 miss and therefore delete mis-posts.  so fix subscription addresses! ]

Keith Moore wrote:

NAT is not a perfect solution, but a solution that, like it or not,
the Internet is now very familiar with. We know the limits, and where it works, it works rather well.

I strongly disagree. Most network admins are still not familiar with the problems NAT causes. Most network admins still do not understand
the limits of NAT. No general workarounds for NAT have been identified. NAT "works" only by drastically decreasing the flexibility of the Internet
to support new applications, so claims that it "works rather well" need
to be taken with a large dose of salt.

Keith

[I've changed the title of this thread, as the discussion is no longer
on Ipv4-mapped addresses]

Don't take me wrong, I'm not saying NAT is a perfect solution, far from that.
I'm saying the model is well understood, partly thanks to you Keith.
We know where it works and where it does not. That knowledge
may or may not have percolated to all network admin, but its
a different issue.

I'm not advocating NAT instead of IPv6, I'm saying that NAT-like
(NAT64/SIIT) technology would enable to deploy IPv6-only
networks. Such hosts will work exactly the same as IPv4 hosts
that are today behind a NAT when talking to the IPv4 world
and benefit from end-to-end connectivity when talking to the IPv6 only world.

The success (or failure) of IPv6 will not be measured by how well
early deployment using dual-stack technique will work, but
by how well large to very large IPv6-only networks will operate.

One think that we learned in the last 2 years by studying DNS, SMTP,
SIP & friends is that, in order to keep the Internet from fragmenting
and being balkanized, nodes needs to access basic services regardless
of the IP version they are using. The current operational approach is
to mandate dual stack in the core infrastructure pieces of the Internet:
SMTP relays, DNS resolvers/servers,...
This approach works well in the early days, when the 'penetration rate'
of IPv6 is low (say < 10%) and will not be an issue when this
rate will be 80% or more (access to v4 services will not be critical anymore)
but I'm concerned that this will not work very well when
IPv6 penetration rate will be something like 50% and large to
very large IPv6-only network will be a reality.

I think bridging both world at the IP layer makes more sense than
bridging them at upper layers, and NAT-like technology is a natural
candidate for that purpose.

- Alain.