Re: Tunnel-to-NAT scenario

[Iljitsch van Beijnum <iljitsch@muada.com>]

On 17 jun 2008, at 13:47, Jari Arkko wrote:

> I hope no one is no longer arguing that we should do a double NAT. I  
> think that would be wrong because tunneling ensures that your IPv4  
> traffic is as intact as possible. Yes, it may eventually get NATted,  
> but I do not want to create technology that forces you to do it no  
> matter what is at the other end. For instance, with a tunnel-based  
> crossing of the v6-only cloud customers sites that have public IPv4  
> space will not see any NAT effects.

I agree that in the case of passing IPv4 through IPv6 without NAT  
tunneling is better. However, the case that we're discussing here is  
the one where there is also NAT involved. In that case, pretty much  
all the fields in the IPv4 header are mangled/ignored anyway, so there  
is no real value in carrying them across the IPv6 cloud intact.

Basically, by borrowing 32 bits of the IPv6 destination in the IPv6  
header, we can compress away the entire IPv4 header because none of  
the fields in there are needed later.

By going one step further and also adjusting the transport checksums  
it's possible to use the same NAT64 that also serves IPv6 hosts that  
want to talk to IPv4 destinations, which saves implementing two sets  
of translators or translators that support two different types of  
translation.