Re: FW: I-D ACTION:draft-aoun-v6ops-natpt-deprecate-00.txt



On Thu, 21 Oct 2004, Gert Doering wrote:
> On Thu, Oct 21, 2004 at 07:24:52AM +0300, Pekka Savola wrote:
> > AFAICS, there is nothing stopping from deploying IPv4 w/ private
> > addresses alongside with IPv6, and IPv6 could even be used dominantly
> > in the network (if that's felt to be desirable for political
> > reasons, or to gain experience) if the typically used services such as
> > HTTP, SMTP, DNS, etc. could be proxied by ALGs at the border.
> 
> I'm not sure if this is *better* than IPv6-only with NAT-PT at the border.
> 
> If the network is large enough, the effort for maintaining IPv4 addresses
> and a dual-stack network infrastructure can be significantly higher than
> for an IPv6-only network.
> 
> IPv4 with private addresses uses NAT, IPv6->IPv4 uses NAT-PT - both are
> evil, can't say one of them is "worse".

That's a valid argument, though I'd be interested in hearing more
detailed analysis on the actual amount of added maintenance due to
[private] v4.  [I also argue that you'll have to waste more energy
trying to get things to work completely in a v6-only environment than
just running v4 where needed.]

However, my main argument in this kind of situation is that we might
not want to proliferate the v4 NAT behaviour to v6->v4 NAT behaviour.  
As soon as we start doing NAT-PT, people that are using IPv6-only start
expecting that their applications will work through the NAT-PT.  For
example, their peer-to-peer application.  This results in either a LOT 
of code in NAT-PT, and/or a lot of code in the applications.

(This is discussed a bit in the nat-pt deprecation draft.)

And what I'd like to avoid is requiring IPv6 applications to deal with
NATs.  But if we do NAT-PT and the like, that seems inevitable and a
major benefit of IPv6 applications goes away.

Hence, I think there is some weight in trying to keep IPv6 free of
generic translators such as NAT-PT, or IPv6 NAT which would break some
applications.  (Application proxies are already designed with those
applications in mind, so those are OK.)

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings