20 Feb
2009
12:49 a.m.
Do you really want to keep state for hundreds of end user devices in your equipment?
In my mind, IPv6 more than ever requires the customer to have their own L3 device (which you delegate a /56 to with DHCPv6-PD).
Imagine the size of your TCAM needed with antispoofing ACLs and adjacencies when the customer has 100 active IPv6 addresses (remember that IPv6 enabled devices often have multiple IPv6 addresses, my Windows machine regularly grabs 3, for instance).
we do not have to imagine. c & j have both demonstrated the nat scaling problem when prototyping for comcast. that is why the idea of a 'carrier grade' nat in the core has become many near-edge nats and ds-lite. it is sorely broken architecture.

randy