First let me verify assumptions on naming. When I talk about nat66, I am
talking about the proposal in
http://tools.ietf.org/html/draft-mrw-behave-nat66. If you're not, please
proceed carefully. If you are proposing to replicate IPv4/IPv4 NAT in IPv6/IPv6
NAT without thought or change, you are probably correct. That's not the topic
of this list, though.
If you are talking about network prefix translation, as proposed, reachability
is not in question. The question is mutual use of prefixes. In a NAT66 world,
an address as seen here as one prefix is reachable there as another prefix.
Your definition depends on the IPv4/IPv4 concept that a NAT divides worlds into
mutually unreachable domains. In NAT66 as defined in the nat66 spec, we have
not made the world mutually unreachable. We have simply changed the prefix to
make routing more scalable while we connect them.
Conceptual example.
In your domain, you are using, let's say, a ULA, and that is the only prefix by
which you are known. I would want to call this your "realm". From your ISP, you
are also provided with a prefix, and when the datagram from your computer
crosses that domain boundary, the DMZ replaces the prefix and does whatever it
is going to do about TCP/UDP checksums. In your domain, you are effectively
provider-independent, able to work with multiple ISPs without renumbering
equipment, and equally reachable through all of them. In ISP2's domain, you are
in effect using a provider-allocated address, and routing scales as it does
with any provider-allocated address.
Ditto with me, my domain, and my relationship with me set of ISPs including
ISP1.
------ ------ ------ ------
// My \\ // \\ // \\ // Your \\
/ULA Realm \ / ISP1 \ / ISP2 \ /ULA Realm \
|| || || || || || || ||
| +---+ +---+ | | +---+ +---+|
| |Me | |DMZ| ------- |DMZ| |You||
| +---+ +---+ | | +---+ +---+|
|| || || || || || || ||
\ / \ / \ / \ /
\\ // \\ // \\ // \\ //
------ ------ ------ ------
|<- my realm ->|<-------- Core Realm ----->|<-your realm->|
If "you" decide to send a datagram to "Me", you ask DNS to translate my name to
my address, and among others you get my address as seen by ISP1. You send it
from your realm's addressing: your source address is in a ULA. It crosses the
DMZ to ISP2, changing to ISP2's prefix; we now have a datagram from somewhere
in ISP2 to ISP1. For ISP2, it is simply "somewhere in ISP1"; in ISP1 it is
specifically somewhere at my domain. It crosses my DMZ, and now it is from your
PA address to my ULA address.
If we're going to use the world "realm", I think the area the realms cover is
the same as you describe, and which I show above. However, "Me" is reachable by
"You" at my PA address. There is no question of non-reachability, and no
question of dynamic session state in the translation.
I think in a NAT66 world, you would have to extend the definition to say that
an IPv4 prefix realm is about reachability as you say; an IPv6 realm is one in
which the same prefix pair is used in both the source and destination address
in an IPv6 datagram.
On Apr 29, 2010, at 12:15 AM, Schwarz Albrecht wrote:
> We got a definition for "IPv4 realm", based on RFC 2663 (but also RFC 3103).
> Both RFC's are IPv4 oriented, not providing an explicit definition for an
> "IPv6 realm".
>
> This question might be related to NAT66, because the IPv4 realm concept is
> originating from NAT44.
>
> Does anyone know a correspondent definition/reference for IPv6 realm?
>
> If not, I'd like to offer an initial proposal for discussion, - a common
> realm term for IPv4 and IPv6:
>
> (IPv4 or IPv6 address) realm: is defined as a set of addresses, which share
> all a common prefix, that are mutually reachable (thus, within a single IP
> routing domain).
>
> Note: "IPv6 realm" definition based on the GLOBAL UNICAST ADDRESS format (ยง
> 2.5.4/RFC 4291) because this is a hierarchical format using a "global routing
> prefix", which is assigned to a "site" (i.e. sth like a REALM).
> Comments would be appreciated,
> Albrecht
> _____
> RFC 2663 IP Network Address Translator (NAT) Terminology and Considerations
> 2.1. Address realm or realm
>
>
>
>
> An address realm is a network domain in which the network addresses
> are uniquely assigned to entities such that datagrams can be routed
> to them. Routing protocols used within the network domain are
> responsible for finding routes to entities given their network
> addresses. Note that this document is limited to describing NAT in
> IPv4 environment and does not address the use of NAT in other types
> of environment. (e.g. IPv6 environments)
>
>
> RFC 3103 Realm Specific IP: Protocol Specification
> 3. Terminology
> Private Realm
>
> A routing realm that uses private IP addresses from the ranges
> (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) specified in
> [
> RFC1918
> ], or addresses that are non-routable from the Internet.
>
> Public Realm
>
> A routing realm with unique network addresses assigned by the
> Internet Assigned Number Authority (IANA) or an equivalent address
> registry.
>
> _______________________________________________
> nat66 mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/nat66
http://www.ipinc.net/IPv4.GIF
_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
