[arin-ppml] NAT444 rumors (was Re: Looking for an IPv6 naysayer...)

Benson Schliesser bensons at queuefull.net
Tue Feb 22 08:29:23 UTC 2011


On Feb 21, 2011, at 10:16 PM, Chris Grundemann wrote:

> On Mon, Feb 21, 2011 at 19:08, Dan Wing <dwing at cisco.com> wrote:
> 
>> Its title, filename, abstract, and introduction all say the problems
>> are specific to NAT444.  Which is untrue.
> 
> I just re-read the filename, abstract and introduction, and I disagree
> that any of those say that the problems are specific to NAT444. They
> all do state that these problems are present in NAT444, but not that
> it's the only technology/scenario/configuration where you might find
> them.

Let's at least agree that the text isn't precise.  I've had a large number of conversations in which relatively intelligent people advocated other (non-NAT444) scenarios involving CGN, built on the premise that NAT444 is broken and draft-donley-nat444-impacts is evidence.  Either the draft is perfectly clear and all of these people are stupid, or the draft is misleading (intentionally or unintentionally).

> More importantly, I am unsure of the point of this argument. Are you
> trying to say that the items listed as broken in the draft are not
> actually broken? Because in my experience they are. IMHO, the fact
> that they are also broken in other (similar) scenarios is not evidence
> that they are not broken in this one. On the contrary, this scenario
> seems to be evidence to the brokenness in the others (until we get a
> chance to test and document them all - are you volunteering? ;).

There seems to be a position, taken by others on these lists, that IPv6 is the only address family that matters.  Interestingly, this position seems to be most pronounced from people not involved in operating production networks.  But, regardless, if I were to accept this position then I might also agree that it doesn't matter whether or not draft-donley-nat444-impacts is misleading.

On the contrary: While I emphatically agree that IPv6 is the path forward, I don't accept the notion that IPv4 no longer matters.  IPv4 is the present-day Internet, and IPv4 connectivity is demanded by present-day paying customers - you don't burn the bridge until *after* you've crossed it.  Further, given that IPv4 does matter yet has an exhausted address supply, there exists a need for IPv4 address sharing technology.  Fundamentally, this means that we need to discuss and engineer the best possible address sharing technology.  It may never be as good as native end-to-end IPv6, but sub-optimal is not the same thing as "broken" as others have claimed, and sub-optimal might be acceptable if it's the only alternative.

Of course, we can also rely on an IPv4 address market to avoid NAT in the more sensitive situations (i.e. situations with more sensitive users).  But that's a different conversation.

Cheers,
-Benson






