Thus spake Scott Leibrand [EMAIL PROTECTED]
I think what we wanted to get rid of in IPv6 was one-to-many
NAT, also known as PAT (among other names). In IPv6, we
can stick to one-to-one NAT, which eliminates most of the
nastiness we associate with NAT in today's IPv4 world.
The only legitimate
On Wed, Jun 20, 2007 at 12:27:17PM +0200, Eliot Lear wrote:
There are two that I can point you at, and perhaps the temporal
difference would be at least amusing:
* Renumbering: Threat or Menace?, Lear, Katinsky, Tharp, et al,
Proceedings of the Tenth Systems Administration
On Jun 20, 2007, at 3:11 AM, Jeroen Massar wrote:
I think there has been hype on both sides of this question. Router
renumbering used to be VERY annoying. I've now published several times
on the subject
Any links to the papers?
A paper which in-my-non-humble-opinion covers a lot of
On Jun 19, 2007, at 5:41 PM, Mark Andrews wrote:
I would have thought that router renumbering should be no
harder than host renumbering. Essentially all you are
changing is the higher (/48 normally) prefix bits.
assuming that all prefixes are 48 bits long, fine.
On 2007-06-21 04:03, Perry Lorier wrote:
james woodyatt wrote:
On 20 Jun 2007, at 15:10, Mark Smith wrote:
On Wed, 20 Jun 2007 11:16:15 -0700 james woodyatt [EMAIL PROTECTED] wrote:
I'd be more sympathetic to arguments like this if we RFC 4864 didn't
insist on recommending the deployment of
I'd be more sympathetic to arguments like this if we RFC 4864 didn't
insist on recommending the deployment of stateful packet filters in
IPv6 that break most of the things NAT breaks in IPv4.
It seems to me that you're
making the assumption that the only scenario IPv6 will be
Firewalls don't get upgraded to support SCTP and DCCP because
applications are all limping along with TCP and UDP. Egg:
meet chicken.
Sounds like a good area for standardization so that this state of
affairs is not carried forward into IPv6. And especially, if there is a
standard way for
Scott Leibrand wrote:
Jeroen Massar wrote:
The above hosts are Internet connected and most likely will thus also end up
talking to the Internet at one point or another. I can thus only guess that
they will be wanting to fully connect to the Internet one day and the
generic solution to
Mark Andrews wrote:
I would have thought that router renumbering should be no
harder than host renumbering. Essentially all you are
changing is the higher (/48 normally) prefix bits. All
that is required is a method to distribute the set of
prefixes in
Eliot Lear wrote:
Mark Andrews wrote:
I would have thought that router renumbering should be no
harder than host renumbering. Essentially all you are
changing is the higher (/48 normally) prefix bits. All
that is required is a method to distribute the set of
prefixes in
Jeroen Massar wrote:
Eliot Lear wrote:
Mark Andrews wrote:
I would have thought that router renumbering should be no
harder than host renumbering. Essentially all you are
changing is the higher (/48 normally) prefix bits. All
that is required is a method to distribute
In my opinion, this means that the router of the future needs
to look a little different, and this has implications for
other subsystems. Much of this could conceivably be hidden
with DNS,
Since when do IP networks require DNS to function. We run a global IPv4
network with over 10,000
Michael,
I totally understand the concern over circular dependencies. They are
not to be underestimated. And in a service provider environment I think
you must be doubly cautious about them. However, in an enterprise
environment it may be appropriate to make certain allowances for certain
On Tue, 19 Jun 2007 17:12:12 -0700
Scott Leibrand [EMAIL PROTECTED] wrote:
Jeroen Massar wrote:
The above hosts are Internet connected and most likely will thus also end up
talking to the Internet at one point or another. I can thus only guess that
they will be wanting to fully
On 20 Jun 2007, at 11:00, Mark Smith wrote:
Getting rid of PAT doesn't eliminate a number of other problems that
NAT creates, which Keith Moore has documented here :
http://www.cs.utk.edu/~moore/what-nats-break.html
I'd be more sympathetic to arguments like this if we RFC 4864 didn't
On 20 Jun 2007, at 11:00, Mark Smith wrote:
Getting rid of PAT doesn't eliminate a number of other problems that
NAT creates, which Keith Moore has documented here :
http://www.cs.utk.edu/~moore/what-nats-break.html
I'd be more sympathetic to arguments like this if we RFC 4864
On Wed, 20 Jun 2007 11:16:15 -0700
james woodyatt [EMAIL PROTECTED] wrote:
On 20 Jun 2007, at 11:00, Mark Smith wrote:
Getting rid of PAT doesn't eliminate a number of other problems that
NAT creates, which Keith Moore has documented here :
On 20 Jun 2007, at 15:10, Mark Smith wrote:
On Wed, 20 Jun 2007 11:16:15 -0700 james woodyatt [EMAIL PROTECTED] wrote:
I'd be more sympathetic to arguments like this if we RFC 4864 didn't
insist on recommending the deployment of stateful packet filters in
IPv6 that break most of the things
james woodyatt wrote:
On 20 Jun 2007, at 15:10, Mark Smith wrote:
On Wed, 20 Jun 2007 11:16:15 -0700 james woodyatt [EMAIL PROTECTED] wrote:
I'd be more sympathetic to arguments like this if we RFC 4864 didn't
insist on recommending the deployment of stateful packet filters in
IPv6 that
Jeroen Massar wrote:
The above hosts are Internet connected and most likely will thus also end up
talking to the Internet at one point or another. I can thus only guess that
they will be wanting to fully connect to the Internet one day and the
generic solution to that problem is NAT. We wanted
I would have thought that router renumbering should be no
harder than host renumbering. Essentially all you are
changing is the higher (/48 normally) prefix bits. All
that is required is a method to distribute the set of
prefixes in use with a set of tags
Hi,
On Jun 19, 2007, at 5:12 PM, Scott Leibrand wrote:
I think what we wanted to get rid of in IPv6 was one-to-many NAT,
also known as PAT (among other names). In IPv6, we can stick to
one-to-one NAT, which eliminates most of the nastiness we associate
with NAT in today's IPv4 world.
no renumbering event is too hard in isolation ..
BGP peers, MRTG/CRICKET monitoring, /ACL configs, syslog all come to mind
as issues/considerations for router renumbering.
and remember that the router is the distribution engine of the set
of prefixes in use with a set of tags
This prompted a jabber discussion extracts of which follow.
X note that people who operate routers are usually all about control.
automatic renumbering is scary except maybe on the edge
marka There is no loss of control. It would still require a human to add a
prefix to the set