[136236] in North American Network Operators' Group
Re: quietly....
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Feb 1 21:04:36 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <1296603710.12449.19.camel@karl>
Date: Tue, 1 Feb 2011 18:03:38 -0800
To: Karl Auer <kauer@biplane.com.au>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Feb 1, 2011, at 3:41 PM, Karl Auer wrote:
> On Tue, 2011-02-01 at 13:38 -0800, Owen DeLong wrote:
>> NAT solves exactly one problem. It provides a way to reduce address
>> consumption to work around a shortage of addresses.
>
> Devil's advocate hat on: NAT (in its most common form) also permits
> internal addressing to be independent of external addressing.
>
Which is a bug, not a feature.

> The side effects of that are not necessarily desirable (loss of
> end-to-end connectivity, performance issues, limitations on simultaneous
> connections etc etc).
>
Exactly.

> It seems to me that it is this property of NAT that people are most
> loath to lose. And why ULA looks tantalisingly delicious.
>
Yeah, but, if we take a step back and look for what they actually want
that they are willing to give up everything else to get, it usually boils
down to two things:

	1. Obfuscation of host addresses
	2. Ability to move an entire topology from one number space to
	   another without reconfiguring the topology.

IPv6 solves 1 with privacy addresses. These are horrible and I hope
nobody really uses them, but, they're better than NAT.

The solution to number 2 depends again on the circumstance. IPv6
offers a variety of tools for this problem, but, I have yet to see an
environment where the other tools can't offer a better solution than
NAT.

Owen