Some people say that NAT66 (as defined in the NAT66 document) will address their needs for NAT in IPv6. They want to use NAT in IPv6 for address independence, and they do not desire the other features/side effects of NAPT
"Some people" sure. A far greater number of us, however, are looking for stateful NAT as well. Question is, why are a relatively small number of stateless NAT (66) proponents being catered to while the majority is ignored?
I am not sure that I understand how/if an IPv6 NAPT box would meet this need better than a NAT66/Stateful FW combination, as long as the stateful firewall "failed closed", as you say.
Curious why you are asking this question given the number of times it has been answered in this forum as well as NANOG and ARIN-PPML. One of those answers has to do with multi-homing (without internal renumbering). Another is the issue of privacy. Can you tell me how GUA/ULA differs in concept from ATT telling you that you cannot use a PBX to forward calls, and that you have to use a DID for each and every phone?
Other people actually seem to _want_ to have multiple internal nodes addressed at a single IP address using port translation. In most cases I've heard described, this is desired for its "topology hiding" properties. The ability to track/identify individual nodes outside the site can go both ways -- it can make it easier for network administrators to locate/diagnose network issues, but it also makes it easier for attackers to identify individual nodes to attack. I've heard people argue on both sides of this issue.
Sure, and you'd hear both sides of the GU/DID issue if ATT ever decided to float that equally hairbrained idea.
For folks who actually _want_ the properties and/or side effects of sharing a single address among multiple nodes, NAT66 won't do what they want, and they will ask their vendors for something else. That "something else" may be defined by the IETF or by customers/vendors, but it is not the intended subject of discussion on this list.
Is this not also true for NAT66? Roger Marquis _______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
