On Mar 23, 2009, at 5:06 AM, Ted Hardie wrote:
> At 1:18 AM -0700 3/23/09, Fred Baker wrote:
>> The difference between shim6 and NAT66 in the case is that
>> the host itself isn't aware that it is using the address (it is using
>> a ULA or some other address),
>
> Just to be clear, what does "some other address" encompass
> as possibilities? Can you see any case where it would be using
> some other PA address, PI address, or link-local?
> Ted

The NAT66 draft describes a scenario in which the hosts in a network
are using one set of addresses, whether PA from some other ISP or ULA,
and send packets using that address through a DMZ that changes the
prefix (the upper 64 bits) by a stated algorithm. A network with many
ISPs might have many such DMZs between itself and its DMZs. The host
would therefore think it is using the interior address while its peer
would observe it using one of the various exterior addresses that
result from the use of the same interface identifier with the various
prefixes in question, and the checksum algorithm.

I would be surprised to see a link-local address in that context, as
IPv6 systems aren't supposed to use them unless the address of the
peer is also link-local.

So what I am saying is that system A would see system B, in the
following, as having PA addresses from three different ISPs, but B
would see itself as only using one ULA. The DMZ systems doing the
translation make the change. If it were a shim6 network, B would
directly use the three overlaid PA prefixes, and would itself use the
three PA addresses.

                            +-----+  |
                            |ISP 1|--+
                            / DMZ |  |
                           /+-----+  |
                          /          |
                         /  +-----+  | +---+
+---+                   /   |ISP 2|--+-| B |
| A ----- The Internet -----| DMZ |  | +---+
+---+                   \   +-----+  |
                         \           |
                          \ +-----+  |
                           \|ISP 3|--+
                            | DMZ |  |
                            +-----+  |
_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
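
Added illustration (not part of the message above or of the NAT66 draft): a Python example of how one interior ULA for B appears to A as three exterior addresses that share the same interface identifier. The /48 prefixes and the host address are constructed, and the checksum-neutral adjustment of the 16-bit subnet word is an assumption taken from the form later published in RFC 6296.

```python
import ipaddress

# Constructed sample values (assumptions, not from the thread).
INTERNAL = "fd01:203:405::/48"                      # B's interior ULA prefix
EXTERNALS = ["2001:db8:1::/48", "2001:db8:2::/48", "2001:db8:3::/48"]
HOST_B = "fd01:203:405:1::1234"                     # the address B believes it uses

def fold16(x):
    """Fold carries back in to get a 16-bit one's-complement sum."""
    while x >> 16:
        x = (x & 0xFFFF) + (x >> 16)
    return x

def words(addr):
    """Split an IPv6 address into its eight 16-bit words."""
    n = int(ipaddress.IPv6Address(addr))
    return [(n >> shift) & 0xFFFF for shift in range(112, -1, -16)]

def csum(addr):
    """One's-complement sum of the address, as it enters TCP/UDP checksums."""
    return fold16(sum(words(addr)))

def translate(addr, src_prefix, dst_prefix):
    """Swap the /48 prefix, keep the interface identifier, and adjust the
    subnet word so the address's one's-complement sum does not change."""
    src = ipaddress.IPv6Network(src_prefix)
    dst = ipaddress.IPv6Network(dst_prefix)
    if src.prefixlen != 48 or dst.prefixlen != 48:
        raise ValueError("this example handles /48 prefixes only")
    if ipaddress.IPv6Address(addr) not in src:
        raise ValueError("address is not inside the source prefix")
    w = words(addr)
    old = fold16(sum(w[:3]))
    new_prefix = words(dst.network_address)[:3]
    new = fold16(sum(new_prefix))
    # One's-complement arithmetic: subnet' = subnet + old - new.
    subnet = fold16(w[3] + old + (~new & 0xFFFF))
    if subnet == 0xFFFF:          # normalise the second encoding of zero
        subnet = 0
    out = 0
    for word in new_prefix + [subnet] + w[4:]:
        out = (out << 16) | word
    return ipaddress.IPv6Address(out)

def external_views(addr=HOST_B):
    """Exterior address a peer such as A observes behind each DMZ."""
    return {p: translate(addr, INTERNAL, p) for p in EXTERNALS}

if __name__ == "__main__":
    for prefix, seen in external_views().items():
        print(f"{HOST_B} via {prefix} -> {seen}  csum={csum(seen):#06x}")
```

For logging and access control this means B's own records show one ULA, while A's records show three unrelated-looking PA addresses for the same host; correlating them requires the prefix mapping held at each DMZ.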