nanog mailing list archives

Re: quietly....


From: Owen DeLong <owen () delong com>
Date: Tue, 1 Feb 2011 18:03:38 -0800


On Feb 1, 2011, at 3:41 PM, Karl Auer wrote:

> On Tue, 2011-02-01 at 13:38 -0800, Owen DeLong wrote:
>> NAT solves exactly one problem. It provides a way to reduce address
>> consumption to work around a shortage of addresses.
>
> Devil's advocate hat on: NAT (in its most common form) also permits
> internal addressing to be independent of external addressing.

Which is a bug, not a feature.

> The side effects of that are not necessarily desirable (loss of
> end-to-end connectivity, performance issues, limitations on simultaneous
> connections etc etc).

Exactly.

> It seems to me that it is this property of NAT that people are most
> loath to lose. And why ULA looks tantalisingly delicious.

Yeah, but, if we take a step back and look for what they actually want
that they are willing to give up everything else to get, it usually boils
down to two things:

        1.      Obfuscation of host addresses
        2.      Ability to move an entire topology from one number space to
                another without reconfiguring the topology.

IPv6 solves 1 with privacy addresses. These are horrible and I hope
nobody really uses them, but, they're better than NAT.

The solution to number 2 depends again on the circumstance. IPv6
offers a variety of tools for this problem, but, I have yet to see an
environment where the other tools can't offer a better solution than
NAT.

Owen


