the alleged evils of NAT, was Rate of growth on IPv6 not fast enough?

Owen DeLong owen at delong.com
Sat May 1 02:04:10 UTC 2010


On Apr 30, 2010, at 6:26 PM, David Conrad wrote:

> Paul,
> 
> On Apr 29, 2010, at 8:29 AM, Paul Timmins wrote:
>> If you change ISPs, send out an RA with the new addresses, wait a bit, then send out an RA with lifetime 0 on the old address.
> 
> Even if this works (and I know a lot of applications that use the socket() API that effectively cache the address returned by DNS for the lifetime of the application), how does this help situations where IPv6 address literals are specified in configuration files, e.g., resolv.conf, glue for authoritative DNS servers, firewalls/filters, network management systems, etc.?  See sections 5 and 7 of http://www.rfc-editor.org/internet-drafts/draft-carpenter-renum-needs-work-05.txt
> 
Ideally, in the vast majority of cases, resolv.conf is populated by DHCPv6 or its successor.

It is actually possible (although I agree questionable practice) to have your NS glue records updated dynamically.

Firewalls and NMS can usually be done by copying the existing rulesets and doing a global S&R on the affected prefix.

It's not like a v4 renumbering. You'll still be dealing with a 1:1 replacement of the prefix and the suffixes don't need to change.

IPv6 also has the convenient concept of preferred and valid lifetimes on addresses, facilitating a convenient overlap period while both prefixes still work, but new flows should be universally originated from the specified prefix. This makes it easier to identify hosts in need of manual intervention by monitoring for traffic sourced from the incorrect prefix.

> The point here is that if there is a non-zero cost associated with renumbering, there will be non-zero incentive to deploy technologies such as NATv6 to reduce that cost.  Some folks have made the argument that for sites large enough for the cost of renumbering to be significant, they should be able to justify provider independent space and be willing to accept the administrative and financial cost. While this may be the case (I have some doubts that many of the folks using PA space now will be all that interested in dealing with the RIR system, but I may be biased), it does raise concerns about routing system growth and forces ISPs to be willing to accept long IPv6 prefixes from end users (which some ISPs have already said they won't do).
> 
There is a non-zero cost associated with renumbering.  However, it is much closer to zero than in IPv4.  There is also a non-zero cost to NAT. Unfortunately, the costs of NAT are more on the toxic polluter basis, where you must pay your own tab for renumbering. As such, NAT in IPv6 will probably be as popular as SPAM is in IPv4, to about the same level of detriment.

Owen
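
The two operational steps in the message above (a prefix replacement across rulesets that keeps suffixes unchanged, and monitoring for flows still sourced from the old prefix) are sketched below as an added example that is not part of the original post. The prefixes, rule syntax and flow records are constructed, and the replacement parses addresses rather than matching text, which goes slightly beyond a plain search and replace.

```python
import ipaddress
import re
from collections import Counter

# Constructed documentation prefixes: OLD is deprecated (preferred lifetime 0), NEW is preferred.
OLD = ipaddress.ip_network("2001:db8:a::/48")
NEW = ipaddress.ip_network("2001:db8:b::/48")
TOKEN = re.compile(r"[0-9A-Fa-f:]*:[0-9A-Fa-f:]+(?:/\d{1,3})?")

def renumber(addr, old=OLD, new=NEW):
    """Return addr moved from old to new with its suffix unchanged (1:1 mapping)."""
    if old.prefixlen != new.prefixlen:
        raise ValueError("1:1 renumbering needs equal prefix lengths")
    ip = ipaddress.IPv6Address(addr)
    if ip not in old:
        return ip
    return ipaddress.IPv6Address(int(new.network_address) | (int(ip) & int(old.hostmask)))

def rewrite_rules(text, old=OLD, new=NEW):
    """Prefix-aware replacement of IPv6 literals in a ruleset; other text is untouched."""
    def swap(m):
        addr, _, plen = m.group(0).partition("/")
        try:
            ip = ipaddress.IPv6Address(addr)
        except ValueError:
            return m.group(0)              # not an IPv6 literal (e.g. a timestamp)
        if ip not in old or (plen and int(plen) < old.prefixlen):
            return m.group(0)              # outside the old prefix, or a rule wider than it
        moved = str(renumber(ip, old, new))
        return f"{moved}/{plen}" if plen else moved
    return TOKEN.sub(swap, text)

def stale_sources(flows, old=OLD):
    """Count flows still sourced from the deprecated prefix, per host."""
    return Counter(src for src, _dst in flows if ipaddress.IPv6Address(src) in old)

# Constructed ruleset and (source, destination) flow records for illustration.
RULES = """\
allow tcp from 2001:DB8:A:10::/64 to 2001:db8:a:20::53 port 53   # added 12:30:00
allow tcp from any to 2001:db8:a:0:0:0:0:80 port 443
deny  ip  from 2001:db8:ab::/48 to any
"""
FLOWS = [("2001:db8:b:10::15", "2001:db8:ffff::1"), ("2001:db8:a:10::22", "2001:db8:ffff::1"),
         ("2001:db8:a:10::22", "2001:db8:ffff::2")]

if __name__ == "__main__":
    print(rewrite_rules(RULES))
    for host, n in stale_sources(FLOWS).items():
        print(f"{host}: {n} flows from old prefix, expected source {renumber(host)}")
```

The `2001:db8:ab::/48` rule is left alone because it is a different prefix, which a textual replace of `2001:db8:a` would have corrupted, and the upper-case and uncompressed literals are caught because they are compared as addresses.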




