[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)



> On Aug 27, 2008, at 03:17, Mark Smith wrote:
> > * Native IPv6 CPE security, plus IPv4 security/functionality
> > requirements to support IPv6 transition via IPv4 tunnelling
> 
> It was my understanding that this is the proper scope, not the  
> alternatives you mentioned.

If the scope includes IPv6-over-IPv4 tunnels, then there are two 
network topologies:

  1.  CPE gets a single IPv4 address and is an IPv4 NAPT, or
  2.  the residential user gets one IPv4 address for each 
      device in their home that wants to do a IPv6-over-IPv4 
      tunnel.

If (1), I don't see how unsolicited incoming packets can be
directed to the correct host behind the IPv4 NAPT.

If (2), we are outside the realm of simple residential networks -- they only
have one IPv4 address.  We can't plan for more to become common as we approach
IPv4 exhaustion.


Is there another network topology that I am missing?

-d