[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
draft-durand-v6ops-natv4v6v4
everyone--
I have some comments on the proposed solutions.
IPv6-Only >> In my wildest flights of fantasy, I cannot imagine this
as a serious proposal. It's only here for the sake of completeness,
yes? There is currently no practical value for IPv6-only service
except to sites which don't need access to the public Internet and
only need connectivity to an identified set of IPv6-only peers. These
customers can be adequately served by tunneling IPv6 over IPv4, e.g.
the way Apple's Back-to-my-Mac works today.
Double IPv4->IPv4->IPv4 NAT >> This solution has an additional
unstated advantage. It's already deployed in residential settings and
known to "work" to the satisfaction of its users. It has drawbacks.
Here's what I think about the ones noted in the draft.
+ We will fix the first drawback, i.e. the hole-punching problem of
multiple layers of NAT, by forwarding NAT-PMP requests up the chain to
the router with the public IPv4 address. Obviously UPnP IGD will have
to be likewise upgraded, but these router products tend to have a
comparatively short product lifespan, and forces unrelated to IPv6
deployment will be driving this upgrade.
+ The operational issues of operating several IPv4 routing realms on a
large continental-scale network aren't impossible to manage. They're
just difficult. Consider it an opportunity to concentrate on your
core competencies.
+ Address conflicts are already a reasonably manageable problem inside
residential networks, where users are stacking up NAT behind NAT on
their own premises just because configuring boxes requires a level of
geeky expertise that normal people generally avoid acquiring. The
same mechanisms we use to mitigate those problems will have to be used
to deal with the case where the ISP is providing RFC 1918 addresses
that conflict with what the box wants to use in its factory
configuration. (At Apple, this is already a problem in some markets
where ISP's are routinely deploying the Double IPv4->IPv4->IPv4 NAT
solution.)
Double IPv4->IPv6->IPv4 >> From the customer perspective, this looks
identical to the Double IPv4->IPv4->IPv4 NAT solution above, because
the only way this architecture can work is if the CPE that does the v4-
>v6 translation is provider provisioned. Absent the heavy hand of
market regulation by government, vendors of retail consumer IPv4/NAT
residential gateway CPE devices have no incentive whatsoever to assist
ISP's with the deployment of the Double IPv4->IPv6->IPv4 solution to
their operational issues.
+ On the subject of ALG requirements in this alternative: yes, the
ALG's at both the v4->v6 NAT and the v6-v4 NAT will be required to
translate addresses in the application protocols.
IPv6 Tunneling + carrier-grade IPv4->IPv4 NAT >> This is a
simplification of the Double IPv4->IPv6->IPv4 solution above, and like
it, looks identical to Double IPv4->IPv4->IPv4 from the customer
perspective. Whether the provider provisioned CPE does IPv6 tunnel to
carrier grade IPv4->IPv4 NAT or IPv4->IPv6 NAT is matter for providers
to decide. Most will end up doing both in different parts of their
networks.
+ The address sharing consideration described in section 5 is
applicable to the Double IPv6->IPv6->IPv4 NAT solution as well. The
problem arises at the translation into the public IPv4 routing realm,
and it's really a problem for application service providers to solve.
If "a well-known application" uses AJAX to open 69 TCP ports per web
page served, then the footprint they're taking up on the global IPv4
address for each client is 69 ports per web page, regardless of
whether those clients are IPv4-only, IPv6-only or dual-stack. If they
want to make their service available to as many customers as possible,
then the IPv4 address depletion problem amounts to an effective cap on
the growth of the market they can expect to be able to serve over IPv4
in the future.
+ The way these applications will respond to that problem, I predict,
is to reduce the footprint they require on the IPv4/NAT public address
for their clients. They will only feel safe transitioning to IPv6
after a significant fraction of their user base has native IPv6
service superior to their existing IPv4 service. Anything that makes
their existing IPv4 service limp along better in the face of address
depletion reduces the urgency such application providers feel to make
the transition to IPv6.
Multicast considerations >> The only multicast routing that needs to
be considered is SSM originating in the service provider with
receivers on their customer networks. All other multicast
applications are, for practical purpose, dead on arrival. Probably,
the best way to do this is to define an IPv6 SSM prefix that subsumes
the existing IPv4 SSM addresses, and to define a way to send an IPv6
SSM stream that can be easily translated into an equivalent IPv4 SSM
stream at the provider provisioned CPE router.
--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering