On Mar 22, 2010, at 9:39 PM, Daniel Senie wrote:
On Mar 22, 2010, at 6:53 PM, Stan Barber wrote:
In this case, I am talking about an IPv6<->IPv6 NAT analogue to the current IPv4<->IPv4 NAT that is widely used with residential Internet service delivery today.
I believe that with IPv6 having much larger pool of addresses and each residential customer getting a large chunk of addresses will make IPv6<->IPv6 NAT unnecessary. I also believe that there will be IPv6 applications that require end-to-end communications that would be broken where NAT of that type used. Generally speaking, many users of the Internet today have not had the luxury to experience the end-to-end model because of the wide use of NAT.
End-to-end applications will face much of the same interruption issues in the future as today. They will face firewall equipment that inspects the packet stream and purposefully blocks applications that are potentially harmful (e.g. vectors for systems infection). While the address translation part of stateful inspection firewall processing may not be used for IPv6, all other aspects of firewall function will be as applicable to IPv6 packets as they are to IPv4.
Sure, but, for the most part, it is the address translation part that does unintended damage to end-to-end protocols. The stateful inspection is intended interference, so usually a work-around is undesirable. In the case of NAT, there's often a need for a workaround due to the unintended consequences. Hence the creation of STUN, SNAT, UPNP, etc.
Given that these customers today don't routinely multihome today, I currently believe that behavior will continue. Multihoming is generally more complicated and expensive than just having a single connection with a default route and most residential customers don't have the time, expertise or financial support to do that. So, the rate of multihoming will stay about the same even though the number of potential sites that could multihome could increase dramatically as IPv6 takes hold.
I deal more with small businesses than residences, but I will take issue with the premise presented. Today there are many products, especially firewalls that allow "multihoming" of a sort using multiple upstream connections in conjunction with IPv4 and NAT. This is fairly simple, and can allow smaller offices, such as a company's field offices to combine multiple broadband connections, such as a cable modem and a DSL connection, to attain higher reliability and increased bandwidth.
Albeit with a number of less than ideal tradeoffs vs. a BGP-based multihoming solution. With the smaller routing table afforded by IPv6, this will be less expensive. As a result, I suspect there will be more IPv6 small multihomers. That's generally a good thing.
Because these appear to be just two broadband customer modems in one location (whether small business or residence), you cannot easily determine that such combining is being done.
As this is a VERY useful, and well-used capability, it will be interesting to see what the vendors choose to offer in their equipment as IPv6 support improves.
It's pretty easy to do this in IPv6 without NAT. Just advertise both prefixes in the RA from the device and you're done. Owen