> > Have you considered selection of ULA prefix(es) for internal network > > in such a manner that it/they can be translated to NAT uplink's /64 > > prefix in checksum neutral fashion? > > > > Additionally, if stateful address autoconfiguration (DHCPv6) is used > > in the network deploying NAT66, have you considered that the DHCPv6 > > server could choose /128 addresses in a fashion allowing checksum > > neutral translation by NAT66? > > This is an interesting idea, however it undermines the purpose of > NAT66... If the internal addresses are chosen to allow checksum > neutral translation to external addresses, then the internal addresses > will need to be changed whenever the site is renumbered by an ISP, or > when a site changes ISPs. > > If the internal addresses are dependent on the external addresses, I > don't see the advantage of using NAT66. You could, instead, just > number the internal links with global addresses.
True, but I think the significance depends on the deployment case at hand (it might happen that NAT66 "leaks" to scenarios outside of the intended purpose). If the internal network is small and fully automatically numbered using SLAAC, the nodes are anyhow prepared for prefix lifetime expiration and should easily switch to use new prefix having longer lifetime for all new connections. Hence if the uplink prefix changes (or new one becomes available) the NAT66 device might have to do some checksum recalculation for packets until the internal network is automatically renumbered with new ULA providing the checksum neutral property. As the new ULA is probably advertised quickly, all new sessions should start to use it and hence performance impact for NAT66 (caused by checksum calculation effort) does not last too long? Anyhow, just a thought to include or not in addition to random ULA. Best regards, Teemu P.S. I would prefer world without NATs.. I actually recall hearing not long ago that astronomers found one pretty promising in a nearby solar system?-) _______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
