NAT66 and the subscriber prefix length

Fred Baker fred at cisco.com
Fri Nov 14 14:55:55 CST 2008


Before we get too deeply exercised, let Margaret and I huddle on it.  
The issue you raised can be trivially solved by adding the checksum  
offset to a different 16 bits in the address, such as bits 96..127. In  
fact, the only reason to care which bits it is added to is to handle  
multi-DMZ sites - multihoming. I'm looking at GSE/NAT66, which may be  
a very interesting application of the technology...

On Nov 14, 2008, at 9:07 AM, <michael.dillon at bt.com> <michael.dillon at bt.com 
 > wrote:

> Not long ago, ARIN changed the IPv6 policy so that
> residential subscribers could be issued with a /56
> instead of the normal /48 assignment. This was done
> so that ISPs with large numbers of subscriber sites
> would not exhaust their /32 (or larger) allocations
> too soon. Since these ISPs are allowed to assign
> a /56 to residential subscriber sites, their initial
> IPv6 allocation will last a lot longer and they won't
> have to apply for an additional allocation while
> everyone is getting up to speed with an IPv6 Internet.
>
> Now, however, the IETF is discussing a form of NAT
> for IPv6 called NAT66. See this draft for details
> <http://www.ietf.org/internet-drafts/draft-mrw-behave-nat66-01.txt>
> Part of this new NAT is that they are checksum neutral.
> They do this by modifying bits in the address that are
> not needed. Specifically, they assume that the
> end site has a /48 allocation, and that the next
> 16 bits up to the /64 boundary, are non-essential
> information outside the end-site boundary. These
> bits are then twiddled to preserve the IPv6 header
> checksum. Of course, these are the same bits that
> an ISP relies on for reducing the assignment size
> to /56.
>
> I see a potential conflict here. If we assume that NAT66
> will be widely used by consumers, then it follows that
> consumer end-sites will need a /48 assignment in order
> for IPv6 to work. But some ISPs want to reduce the end
> site assignment to /56 meaning that NAT66 won't work for
> those consumers.
>
> Of course, it's not all set in stone yet which is why I
> am posting this to NANOG. If ISP's who intend to use
> /56 allocations could join in the discussions, then perhaps
> we could develop some form of NAT66 that works with /56
> prefix lengths.
>
> Personally, I would be happy to just see every site
> consistently use a /48 assignment. Corporate campus or
> one-room studio apartment; it's all the same to me.
>
> --Michael Dillon
>





More information about the NANOG mailing list