[100051] in North American Network Operators' Group
Re: Access to the IPv4 net for IPv6-only systems, was: Re: WG Action: Conclusion of IP Version 6 (ipv6)
daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Sun Oct 14 06:54:18 2007
In-Reply-To: <92641D84-DFFA-4718-AE08-20B32CF925D5@muada.com>
Cc: North American Noise and Off-topic Gripes <nanog@merit.edu>
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Sat, 13 Oct 2007 22:49:00 +0200
To: Iljitsch van Beijnum <iljitsch@muada.com>
Errors-To: owner-nanog@merit.edu
On 4-okt-2007, at 14:36, Iljitsch van Beijnum wrote:
> I would be interested to know how many people favor each of the
> following approaches. Feel free to send me private email and I'll
> summerize.
I only got three replies, which don't really support drawing many
conclusions.
> 1. Keep NAT and ALGs out of IPv6 and use additional protocols
> between hosts and firewalls to open "pinholes" in firewalls (where
> appropriate/allowed, such as in consumer installations) to avoid ALGs
+ +
> 2. Keep NAT out of IPv6 but use ALGs to bypass firewalls
_
> 3. Come up with a standard way of doing 1-to-1 NAT (no PAT) in IPv6
> 4. Come up with a standard way of doing NAT/PAT in IPv6
+
> 5. Everyone do whatever suits their needs like what happened in IPv4
-
Interestingly, nobody seems to like option 3.
> And: if people start using NAT in IPv6 I will:
> a. Implement ALGs and application workarounds to accommodate it
"don't want to but we'll have to if it comes to this" x 2
unqualified x 1
> b. Not do anything, it's their problem if stuff breaks
"would prefer this if it were up to me" x 1
> c. Break stuff that goes through IPv6 NAT on purpose to prove a point
-