[99682] in North American Network Operators' Group
Re: Access to the IPv4 net for IPv6-only systems, was: Re: WG Action: Conclusion of IP Version 6 (ipv6)
daemon@ATHENA.MIT.EDU (Duane Waddle)
Tue Oct 2 12:26:18 2007
Date: Tue, 2 Oct 2007 10:57:00 -0500
From: "Duane Waddle" <duane.waddle@gmail.com>
To: nanog@merit.edu
In-Reply-To: <00c101c804fe$85c69f10$433816ac@atlanta.polycom.com>
Errors-To: owner-nanog@merit.edu
------=_Part_12430_6281403.1191340620741
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
On 10/2/07, Stephen Sprunk <stephen@sprunk.org> wrote:
>
>
> If you think anyone will be deploying v6 without a stateful firewall,
> you're
> delusional. That battle is long over. The best we can hope for is that
> those personal firewalls won't do NAT as well.
>
>
Vendor C claims to support v6 (without NAT) in their "enterprise class"
stateful firewall appliance as of OS version 7.2 (or thereabouts, perhaps
7.0). I've not tried it out yet to see how well it works.
But, as far as the home/home office goes -- will my cable/dsl provider be
able (willing?) to route a small v6 prefix to my home so that I can use a
bitty-box stateful v6 firewall without NAT? What will be the cost to me,
the home subscriber, to get said routable prefix? I am sure it increases
the operator's expense to route a prefix to most (if not every) broadband
subscriber in an area.
In the beginning, cable operators were reluctant to support home customers
using NAT routers to share their access. Now, renting/selling NAT routers
to customers has become a revenue stream for some.
How does lack of v6 NAT affect all of this?
------=_Part_12430_6281403.1191340620741
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
On 10/2/07, <b class="gmail_sendername">Stephen Sprunk</b> <<a href="mailto:stephen@sprunk.org">stephen@sprunk.org</a>> wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>If you think anyone will be deploying v6 without a stateful firewall, you're<br>delusional. That battle is long over. The best we can hope for is that<br>those personal firewalls won't do NAT as well.<br><br>
</blockquote></div><br>Vendor C claims to support v6 (without NAT) in their "enterprise class" stateful firewall appliance as of OS version 7.2 (or thereabouts, perhaps 7.0). I've not tried it out yet to see how well it works.
<br><br>But, as far as the home/home office goes -- will my cable/dsl provider be able (willing?) to route a small v6 prefix to my home so that I can use a bitty-box stateful v6 firewall without NAT? What will be the cost to me, the home subscriber, to get said routable prefix? I am sure it increases the operator's expense to route a prefix to most (if not every) broadband subscriber in an area.
<br><br>In the beginning, cable operators were reluctant to support home customers using NAT routers to share their access. Now, renting/selling NAT routers to customers has become a revenue stream for some.<br><br>How does lack of v6 NAT affect all of this?
<br>
------=_Part_12430_6281403.1191340620741--
