Subject: Re: IPFilter IPv6 configuration
To: Ronald van der Pol <rvdp@rvdp.org>
From: Pelle Johansson <morth@morth.org>
List: tech-net
Date: 04/07/2005 17:58:24
2005-04-07 kl. 16.44 skrev Ronald van der Pol:
> On Wed, Apr 06, 2005 at 20:35:32 +0200, Pelle Johansson wrote:
>
>>> WHAT! who is asking you for IPv6 NAT?
>>
>> I think the most obvious reasons would be transitions between IPv6 and
>> IPv4, in both directions.
>> This would be needed to completely get rid of an IPv4 internal network
>> but still provide connectivity to IPv4 sites.
>
> Check out:
> http://www.ietf.org/internet-drafts/draft-ietf-v6ops-natpt-to-
> exprmntl-00.txt
>
> Running dual stack is the kiss and generally considered preferred way.
I'd like to point out that what I was suggesting would be a replacement
for IPv4 NAT. It would only be applicable in the cases where IPv4 NAT
is already used. It is correct that a dual stack would work just as
well, which perhaps decreases the utility, but isn't there a value in
running a single stack? You can get rid of DHCP, router configuration,
etc.
Some of the issues mentioned in
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-natpt-to-exprmntl
-00.txt are valid, but not all. There's no need for DNS-ALG, and
generally there wouldn't be more issues than with IPv4 NAT.
The biggest problem is of course that it requires endnode support. The
required setting (a 64 bit prefix) probably belongs in the stateful
autoconfiguration (or set manually, of course).
The main purpose would be to allow legacy applications that only
support IPv4 (lots are still being created) to work over an IPv6 only
network. One could also imagine to allow them access to a subset of the
IPv6 network by rerouting for example the 10.x addresses to local
nodes, but that would raise some additional issues.
--
Pelle Johansson
<morth@morth.org>