Hi Chris,
On Nov 2, 2009, at 2:15 PM, Chris Engel wrote:
Forgive me if I am entering late into the discussion here...but I
was referred to the IETF mailing lists by individuals from a
discussion that was occurring in the ARIN mailing lists.
It is never too late to state your opinion, especially when it agrees
so closely with mine! :-)
If this discussion occurred on a public ARIN mailing list, could you
send me a pointer? I'd be interested in what else was said about the
need for NATs in IPv6.
The NAT66 list in IETF seemed to me to be the most relevant place to
raise my concerns. Please forgive me if this is not the proper venue
to raise such issues...as this is my first participation with IETF
mailing lists.
This is a fine place to state your opinion about the need for NAT in
IPv6, as that is the primary subject of this group.
However, I don't want there to be any confusion about the status of
the NAT66 work... At this point, the Transport and Internet Area
Directors have rejected the NAT66 document, and have suggested that
Fred Baker (my co-author) and I publish it as an independent
submission. So, unless something changes, it is highly unlikely that
this work will be pursued in the IETF. I am very disappointed about
that, because I believe that an IETF NAT66 document could have made a
positive difference in how NAT's are implemented for IPv6, but we've
not been successful in convincing the Internet or Transport ADs, and
their support is needed to present or propose any work in the IETF.
First, by way of introduction...I'm a Network Manager in charge of
operations at a small ASP. My responsibilities include management of
both the corporate network infrastructure and the infrastructure of
the environment where the application services my company provides
to it's clients is hosted. As such, I find NAT an EXTREMELY useful
tool under IPv4 and would expect it to remain so under IPv6. In
fact, were some sort of NAT solution not available under IPv6, my
company would likely eschew any implementation of IPv6 to whatever
degree would be possible.
As one of the authors of NAT66, I agree with much of what you are
saying below.
Have you read the NAT66 draft that describes how to build an IPv6 NAT
box using 1:1 address mapping and no port mapping? Would the type of
NAT described in that document meet your needs for an IPv6 NAT? We're
working on an update to allow NAT66 to work on networks with a prefix
longer than /48, but the current version is here:
https://datatracker.ietf.org/drafts/draft-mrw-behave-nat66/
As an enterprise network administrator, you would be a great example
of a "customer" for a NAT66 device, so we would be very interested in
your feedback on how the device we've described would/wouldn't meet
your needs.
I do NOT feel that RFC 4864 adequately addresses the utility of
NAT.... nor adequately provides a acceptable substitutes for it.
[...]
I think that your analysis of the limitations of RFC 4864 is right
on. That document is a work product of the IPv6 Operations (v6ops)
WG, so if you would like to propose an update to RFC 4864, you would
probably do best to do that in the v6ops WG ([email protected]).
Welcome to the IETF! Please don't be put off by the responses you've
received so far. Not everyone in the IETF is as much of an
architectural purist as Keith or James... In fact, we have a lot of
diversity of opinion in the IETF, with lots of lively debate, and that
is one of our strengths. While it may not always sound like it, we do
want and need input from enterprise administrators to develop
protocols that are useful in real-world environments.
Margaret
_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
