[135062] in North American Network Operators' Group
Re: Is NAT can provide some kind of protection?
daemon@ATHENA.MIT.EDU (Owen DeLong)
Sat Jan 15 20:23:31 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <Pine.OSX.4.64.1101151822000.426@cevin-2.local>
Date: Sat, 15 Jan 2011 17:18:40 -0800
To: Brandon Ross <bross@pobox.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 15, 2011, at 3:24 PM, Brandon Ross wrote:
> On Sat, 15 Jan 2011, Owen DeLong wrote:
>
>> I really doubt this will be the case in IPv6.
>
> I really hope you are right, because I don't want to see that either, however...
>
> Why do you suppose they did that before with IPv4? Sure you can make the argument NOW that v4 is in scarce supply, but 10 years ago it was still the case.
>
1. IPv4 provided no convenient way for them to dynamically assign more than a /32. DHCPv6 allows for DHCP-PD.
2. IPv4 addresses were known to be scarce before most of the current residential ISPs even existed, at least in their current form.

10 years ago, we knew that we had gone a decade beyond the point when we recognized that IPv4 would run out if we kept issuing addresses to consumers. Frankly, we didn't, at the time, expect NAT + single address assignments to buy us more than about 10 years and it came as a bit of a surprise when we still had a bunch of space left at that point.

> Has Comcast actually come out and committed to allowing me to have as many IPs as I want on a consumer connection in the most basic, cheapest package? Has any other major provider?
>
No. But they have said that they are issuing prefixes and not host addresses.

I doubt any ISP will commit to offering you as many IPs as you want on the most basic consumer grade service as I don't think any ISP would make that commitment on their top of the line business class service, either.

However, I think you will see most ISPs offering at least /56s and hopefully /48s.

Free.fr is giving out /60s, but, that's due to their limitations on their 6rd deployment and I suspect that when they migrate to native IPv6, they may use larger prefixes.

I don't think there's too much to worry about providers handing out individual addresses in IPv6. It's too hard to maintain and it doesn't scale like it did in IPv4.

I do think that we have to worry about things like /60s and /56s getting entrenched. I think it is unfortunate that IETF has backed off of the /48 standard in their recent update to 3177. I think that clarification that it is for an end-site would have been better. The use of /56s will hamper innovation and prevent vendors from bringing some cool things to the market.

Owen