On Feb 1, 2011, at 2:43 PM, David Barak wrote:
________________________________
From: Owen DeLong <owen@delong.com>
David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.com
If you're determined to destroy IPv6 by bringing the problems of NAT forward with you, then, I'm fine with you remaining in your >IPv4 island. I'm willing to bet that most organizations will embrace an internet unencumbered by the brokenness that is NAT and >move forward. I do not think that lack of NAT has been a significant barrier to IPv6 adoption, nor do I think it will be.
Lack of NAT may or may not continue to be a barrier to IPv6 adoption. However, it certainly *has* been a barrier to IPv6 adoption - I have had customers tell me that explicitly, and I have no reason to doubt them.
I'm sure there are a few isolated places where IPv6 might have been adopted if it hadn't been for the fact that nobody has educated them on the alternatives. However, I'm not convinced there are very many of them. Most of the people I have had more detailed conversations with go something like this: X: We con't implement IPv6 because there's no NAT and we depend on NAT. O: Why do you depend on NAT? All it does is conserve addresses? X: We use it for address obfuscation and security. We have to meet PCI-DSS and other audit criteria. O: Well, the latest PCI-DSS doesn't require NAT. Additionally, you can get better address obfuscation with privacy addresses. All the security in NAT comes from stateful inspection. You can still do that in IPv6, you just don't rewrite the address in the packet. X: You've got an answer for everything, don't you? O: Well, I've been doing IPv6 for a few years now. It works pretty well for me and I'm really glad I don't have to deal with the problems caused by NAT. X: Well, OK, but, even if we ignore NAT, we're still not ready to do IPv6. Then we discuss their real issues stopping them from going to IPv6. So... I think there are a lot more people using NAT as an excuse than there are people that would actually implement IPv6 if we just gave them NAT. In any case, I think as they find their NATv4 environment becoming an island disconnected from the internet, they'll probably reconsider that decision. I'm OK with waiting until that time for those people to connect to IPv6. Owen