NAT66 and the subscriber prefix length

michael.dillon at michael.dillon at
Fri Nov 14 17:07:40 UTC 2008

Not long ago, ARIN changed the IPv6 policy so that
residential subscribers could be issued with a /56
instead of the normal /48 assignment. This was done
so that ISPs with large numbers of subscriber sites
would not exhaust their /32 (or larger) allocations
too soon. Since these ISPs are allowed to assign
a /56 to residential subscriber sites, their initial
IPv6 allocation will last a lot longer and they won't
have to apply for an additional allocation while 
everyone is getting up to speed with an IPv6 Internet.

Now, however, the IETF is discussing a form of NAT
for IPv6 called NAT66. See this draft for details
Part of this new NAT is that they are checksum neutral.
They do this by modifying bits in the address that are
not needed. Specifically, they assume that the 
end site has a /48 allocation, and that the next
16 bits up to the /64 boundary, are non-essential
information outside the end-site boundary. These
bits are then twiddled to preserve the IPv6 header
checksum. Of course, these are the same bits that 
an ISP relies on for reducing the assignment size
to /56.

I see a potential conflict here. If we assume that NAT66
will be widely used by consumers, then it follows that
consumer end-sites will need a /48 assignment in order
for IPv6 to work. But some ISPs want to reduce the end
site assignment to /56 meaning that NAT66 won't work for
those consumers.

Of course, it's not all set in stone yet which is why I
am posting this to NANOG. If ISP's who intend to use
/56 allocations could join in the discussions, then perhaps
we could develop some form of NAT66 that works with /56
prefix lengths.

Personally, I would be happy to just see every site
consistently use a /48 assignment. Corporate campus or
one-room studio apartment; it's all the same to me.

--Michael Dillon

More information about the NANOG mailing list