[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NAT-PT Applicability

To: ipng@uni-muenster.de
Subject: Re: NAT-PT Applicability
From: itojun@itojun.org (Jun-ichiro itojun Hagino)
Date: Thu, 23 Oct 2003 14:59:40 +0900 (JST)
Cc: satapati@cisco.com, v6ops@ops.ietf.org
In-reply-to: Your message of "Wed, 22 Oct 2003 13:27:31 +0200" <1066822051.2164.40.camel@kummerog.uni-muenster.de>
References: <1066822051.2164.40.camel@kummerog.uni-muenster.de>

> > Comments are welcome !!!
> Here are my comments.
> 
> Para 3.2:
>         If more than one box implementing NAT-PT is present, then the
>         scalability problem may be circumvented by using e.g. DNS-ALGs
>         that can do round-robin or some other form of load-balancing.
>         
>         Load-balancing also has its drawbacks as the majority of hosts
>         cache answers to DNS queries. And additionally, if the NAT-PT
>         box and the DNS-ALG are not one unit, failures of one or the
>         other are diffcult to handle (due to the current lack of some
>         form of communication/surveillance between the two).
> 
> It is probably worth to mention that it is to some extent possible to do
> load-balancing. Apart from that, I think that the draft is very nice and
> surely a good help to get an overview of what problems one can expect
> when deploying NAT-PT.
> 
> Load balancing NAT-PT is quite a challenge. When using NAT-PT+DNS-ALG to
> help IPv6 hosts to connect to the IPv4 world it is more complicated than
> simply using a balancing DNS-ALG. It will work nicely until a NAT-PT box
> dies or can't handle the amount of traffic anymore. When this is the
> case, there have to be some means of notifying the DNS-ALG that this
> NAT-PT box is unavailable and has to be left out when assigning IPv6
> prefixes to converted IPv4 addresses (assuming that each NAT-PT box
> handles the translation for one of those assigned IPv6 prefixes for
> converted IPv4 addresses). The question is how this can be done
> efficiently. Does the DNS-ALG have to check the NAT-PT boxes somehow? Do
> the NAT-PT boxes have to send out notifications that they can't
> translate traffic anymore (if there is only a partial failure like too
> much traffic/too much CPU usage/...)? Just a thought.

	with a commercial implementation (from Yokogawa) DNS-ALG monitors
	live/dead status of NAT-PT box by some means (ping?) and returns
	fabricated AAAA response with NAT-PT prefix associated with live boxes.
	i don't think we need to go into such implementation details in this
	document.

itojun

References:
- Re: NAT-PT Applicability
  - From: "Christian Strauf (JOIN)" <ipng@uni-muenster.de>

Prev by Date: RE: Comments on draft-ietf-v6ops-ent-scenarios-00
Next by Date: Comments draft-palet-v6ops-proto41-nat-01.txt
Previous by thread: Re: NAT-PT Applicability
Next by thread: I-D ACTION:draft-park-scalable-multi-natpt-00.txt
Index(es):
- Date
- Thread