quietly....

Brian Johnson bjohnson at drtel.com
Thu Feb 3 08:53:12 CST 2011


I will rebut in-line.

>-----Original Message-----
>From: Dave Israel [mailto:davei at otd.com]
>Sent: Wednesday, February 02, 2011 11:57 PM
>To: nanog at nanog.org
>Subject: Re: quietly....
>
>On 2/2/2011 5:42 PM, Brian Johnson wrote:
>> I must have missed something.  Why would u do NAT in IPv6?
>
>1) To allow yourself to change or maintain multiple upstreams without
>renumbering.

Not sure what you mean here. So having PI space can't accomplish this?

>2) To allow your IPv6-only hosts to reach IPv4 addresses, or vice versa.

This is not a NAT66 specific solution.

>3) To give all your outbound sessions a mutual appearance, so as to
>confound those attempting to build a profile of your activity.

So this goes back to security through obscurity. OK.

>4) To irritate the IPv6 faithful.
>5) Because it is funny.

Oh yeah, I forgot that you were funny. :)

>6) Because you have allocated a single address to a machine that later
>on actually represents n differerent actual network entities, and
>retrofitting them with their own unique IPv6 subnet presents a problem.

Huh?

>7) Because Iljitch bet you you couldn't, and you don't want to lose a bet.
>8) Because chicks/dudes think it's hot.
>9) Because you can.
>10) Because it is the year 8585, and we're running low on IPv6 addresses


OK... so this list of ten boils down to really two items that seem completely valid and one that seems like a corner case, but are also not the purpose of NAT66 as far as I can tell.

Anyone else without the sarcasm?

- Brian

P.S... I'm not against NAT66, I just don't yet understand it at the layers above 7. :)





More information about the NANOG mailing list