
Re: Follow-up work on NAT-PT - a new approach



At 11:25 AM +1300 11/9/07, Brian E Carpenter wrote:
>I would envisage a similar approach for an ISP supporting
>SOHO subscribers - that really isn't much different from
>a campus network. The ISP will need dual-stack mail servers,
>for example. Anyone providing services to the public will need
>a dual stack, for that matter, if they want to be accessible.

At some point, ISPs will: 1) Be unable to readily obtain additional
IPv4 address space, 2) Want to keep growing, and 3) Want a
method for connecting up customers via IPv6-only which provides
some semblance of full Internet connectivity (including backward
reachability to IPv4 destinations).

From the ISP point of view, some of the key requirements are:

 - Has to require a minimal amount of special per-site
   (or per-site-host) configuration in order to provide
   the connectivity to Internet IPv4-only sites.

 - Allow for sharing of some IPv4 space that the ISP
   has set aside for such purposes.

 - Allow implementation of the same "site" policies
   (such as port-based firewall filters) on the IPv4
   backward-compatible connectivity that customers
   use today to provide nominal security.

Contrary to what a lot of folks think, I don't think that the
backwards-compatibility IPv4 connectivity really needs to
be general purpose, or application friendly, or support a
truly end2end model. While NAT-PT is indeed imperfect
(as documented in RFC4966), it still provides minimal
backwards connectivity that is going to be desperately
needed for many providers.

>However, for the residual cases, it's precisely because
>of the issues with NAT-PT that I've just started working
>on SHANTI. Whether that's of value is for the community
>to say.

If there's a way to improve the resulting connectivity
without creating a raft of customer configuration and
support issues, it's probably of value to the community.

/John