RE: FW: I-D ACTION:draft-aoun-v6ops-natpt-deprecate-00.txt

[Pyda Srisuresh <srisuresh@yahoo.com>]

--- Pekka Savola <pekkas@netcore.fi> wrote:

> This is a fundamental deployment argument than one about NAT-PT, but 
> nevertheless I guess this should be said..
> 
[suresh] Thanks. Hence the argument for not deprecating it.

> On Mon, 11 Oct 2004, Pyda Srisuresh wrote:
> > As Senthil points out, the assumption that NAT-PT deployment will stifle
> > innovation in v6 seems flawed. NAT-PT is a transition mechanism which is
> > essential for wider V6 deployment. Without NAT-PT, you will see bigger
> > resistance to deploying V6 . You need NAT-PT for legacy applications (ex:
> > e-mail, ftp) to work as is across V4 and V6 realms. 
> 
> This ('NAT-PT.. essential for wider V6 deployment') may or may not be
> true if you assume that there will be strong incentives for deploying
> IPv6-only systems which need to talk to a vast majority of v4 systems
> in the near future. 

[suresh] Not sure what you meant. I am not making any assumptions about the
size of deployments, given the early stage yet for V6. I am merely refering to
the likely scenario of V6-only and V4-only nodes. 

>                     If that's not the case, it's certainly not
> correct -- you can deploy IPv6 as dual-stack without any need for
> NAT-PT.  And dual-stack is definitely the simplest way to deploy IPv6.
> 

[suresh] You might refer comments from Steve Klynsma & Jim Bound - about
difficulties the defence dept faces to transition to dual stacks. It just goes
to show that the IETF can only offer transition mechanims, but not mandate one.
When the choices are comprehensive, the customers will pick the one that best
suits their environment.

> > No change to end-hosts or
> > applications. This is the attraction of NAT-PT. This is not the same as the
> > proxy solution that will require applications to be changed/recompiled. 
> 
> You don't need to change end-hosts or applications (in the manner you
> probably mean) if you deploy dual-stack.  If you deploy v6-only, you 
> need to change end-hosts MORE than with dual-stack.
> 
[suresh] Please see my comment above.

> I have the feeling that most typical applications applications already
> support proxies or have inherent support for middleboxes (e.g., http,
> smtp, dns, ftp).
 
[suresh] Disagree with your comment about proxies. What did you mean by
"inherent support for middleboxes"? Middleboxes refer to many things including
proxies, NATs and NAT-PTs.
 
>                  Changes are only necessary if one would like to
> pursue a generic 'SOCKS' -like approach for IPv6 deployment, but that
> has not gotten much deployment AFAICS.

[suresh] I cant quite parse what you are saying here. Please see my earlier
comments about deployment scenarios and need to have a comprehensive choices
for users to transition to. It would be a mistake for the IETF to deprecate
NAT-PT. As vendors had done in the past, vendors will deploy solutions that
fits customer needs, irrespective of what the IETF does. It would help if the
IETF was not oblivion to real-world customer needs. 

> 
> -- 
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> 
> 
regards,
suresh


=====