On 4-okt-2007, at 14:36, Iljitsch van Beijnum wrote:
I would be interested to know how many people favor each of the following approaches. Feel free to send me private email and I'll summerize.
I only got three replies, which don't really support drawing many conclusions.
1. Keep NAT and ALGs out of IPv6 and use additional protocols between hosts and firewalls to open "pinholes" in firewalls (where appropriate/allowed, such as in consumer installations) to avoid ALGs
+ +
2. Keep NAT out of IPv6 but use ALGs to bypass firewalls
_
3. Come up with a standard way of doing 1-to-1 NAT (no PAT) in IPv6
4. Come up with a standard way of doing NAT/PAT in IPv6
+
5. Everyone do whatever suits their needs like what happened in IPv4
- Interestingly, nobody seems to like option 3.
And: if people start using NAT in IPv6 I will:
a. Implement ALGs and application workarounds to accommodate it
"don't want to but we'll have to if it comes to this" x 2 unqualified x 1
b. Not do anything, it's their problem if stuff breaks
"would prefer this if it were up to me" x 1
c. Break stuff that goes through IPv6 NAT on purpose to prove a point
-