Greenfield 464XLAT (In January)
Tore Anderson
tore at fud.no
Fri Jun 12 05:14:33 UTC 2015
* Baldur Norddahl <baldur.norddahl at gmail.com>
> The high tech solution is stuff like MAP where you move the cost out
> to the CPE. But then you need to control the CPE - if you have that
> then great. You would still want to sell a non-NAT (and MAP is NAT)
> to users that require a public IPv4 address, so you still need to go
> dual stack or use some tunnelling for that.
Hi Baldur,
MAP is *not* NAT; that's what's so neat about it. The users do get a
public IPv4 address (or prefix!) routed to their CPE's WAN interface,
towards which they can accept inbound unsolicited connections.
The public IPv4 address could be port-restricted if the operator wants
address sharing, but it does not have to be. You could do both at the
same time, e.g., giving your "premium" users a /32 or /28, while the
standard subscription includes a /32 with 4k ports.
I will grant you that MAP-T performs NAT (i.e., protocol translation)
internally, but the translations that happens when a packet enters the
MAP domain are reversed when it exits. So the IPv4 addresses are
transparent end-to-end.
MAP-E (and lw4o6 for that matter), on the other hand, has no form of
NAT anywhere. (Unless you count the NAPT44 that sits between the
subscriber's RFC1918 LAN segment and the CPE's WAN interface, but
that's not exactly something that's unique to MAP.)
Nicholas: If I were you, before going down the 464XLAT route, I'd first
look closely at these technologies, in the order given:
1) MAP (because it is fully stateless)
2) lw4o6 (because it is mostly stateless, i.e., no session tracking)
3) DS-Lite (which, like 464XLAT, is stateful, but you'll have way more
CPEs to choose from than with 464XLAT, which is mostly for mobile)
Tore
More information about the NANOG
mailing list