NAT64 and matching identities
Justin M. Streiner
streiner at cluebyfour.org
Mon Nov 18 20:06:52 UTC 2013
It's looking more and more like NAT64 will be in our future. One of the
valid concerns for NAT64 - much like NAT44 - is being able to determine
the identity of a given user through the NAT at a given point in time.
How feasible this is depends on how robust/scalable $XYZ's translation
logging capabilities are, and possibly how easily that data can be matched
against a source of identify information, such as RADIUS accounting logs,
DHCP lease logs, etc.
Other IPv6 transition mechanisms appear to be no less thorny than NAT64
for a variety of reasons.
I'm curious to see how others are planning to tackle (or already have
tacked) this issue. Discussing vendor-specific solutions is fine, but I
think keeping things as platform/vendor agnostic as possible for the time
being would allow this thread to be more beneficial to a wider audience.
The floor is open...
More information about the NANOG