IETF Logo Mail Archive

Re: there _is_ IPv6 NAT - just look for it

Brian E Carpenter <brian.e.carpenter@gmail.com> Sat, 15 March 2014 16:38 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53D681A012D for <ipv6@ietfa.amsl.com>; Sat, 15 Mar 2014 09:38:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eG80zrXdwtNC for <ipv6@ietfa.amsl.com>; Sat, 15 Mar 2014 09:38:00 -0700 (PDT)
Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com [IPv6:2a00:1450:400c:c05::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 497131A00EB for <ipv6@ietf.org>; Sat, 15 Mar 2014 09:38:00 -0700 (PDT)
Received: by mail-wi0-f172.google.com with SMTP id hi5so667368wib.11 for <ipv6@ietf.org>; Sat, 15 Mar 2014 09:37:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=aqdGebuQOMYsOzAi4D/hv0wWHCXuAslVvNLYbfj00so=; b=hDdMYYoeqFxWmMDaQPGbeOXAs2NJ5935/MLNpH02AqlCUXDL3jViGtVMCDnqQV9m2h lgzhXTjahMCZ2FLCm6GloooraYHlfwmQvjWLHwmmGmirCxRrzzH1MantY9WkuvoBG2dv TYfOr1XgQWo50P5iVY5ufsspLJbR7BMMACy3BSFnRMndqIGf3e+apZUGovJYMc3Ld0kU jUcI44yFIl1NiqcZLwNGSLy63gtAIn8usTJTLpGO0aeTgw/c/warRaJ2sSSBGfNww6AT gFV4CarXeZKw5ZkMJPSFr65CvSaQZFeMOvPlLPgWic4wKOSlRfS5ypMG7EzlvO5ctaaY 3hMw==
X-Received: by 10.194.120.101 with SMTP id lb5mr137995wjb.74.1394901472681; Sat, 15 Mar 2014 09:37:52 -0700 (PDT)
Received: from [192.168.0.144] (cpc8-mort6-2-0-cust102.croy.cable.virginm.net. [82.43.108.103]) by mx.google.com with ESMTPSA id bi8sm7399618wib.3.2014.03.15.09.37.51 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 15 Mar 2014 09:37:51 -0700 (PDT)
Message-ID: <532481EC.6030505@gmail.com>
Date: Sun, 16 Mar 2014 05:38:04 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Jeroen Massar <jeroen@massar.ch>
Subject: Re: there _is_ IPv6 NAT - just look for it
References: <E2C06D73-99FF-42B5-A3BE-337C307BCB0E@gmail.com> <CAKD1Yr0fjSWfPDkvc9Z53xBKxMGzYcVGzH3tLUGbjCKmgR_Duw@mail.gmail.com> <532374CD.3040100@gmail.com> <532401CB.8000003@gmail.com> <53247CF9.2020009@massar.ch>
In-Reply-To: <53247CF9.2020009@massar.ch>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/ipv6/i9WPCb0Cz8BnhmfnGwpHMZkoR_s
Cc: Alexandru Petrescu <alexandru.petrescu@gmail.com>, ipv6@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Mar 2014 16:38:02 -0000

On 16/03/2014 05:16, Jeroen Massar wrote:
> On 2014-03-15 00:31, Brian E Carpenter wrote:
>> On 15/03/2014 10:29, Alexandru Petrescu wrote:
>>> Le 13/03/2014 15:27, Lorenzo Colitti a écrit :
>>> [...]
>>>> It's true that those that want IPv6 to be exactly like IPv4 are
>>>> disappointed, because IPv6 is not IPv4. No, you can't do routing without
>>>> RAs. No, you can't "save addresses" by making host subnets /120s (at
>>>> least not easily). No, there is no RFC1918. No, ULAs are not the same as
>>>> RFC1918. No, there is no NAT.
>>> Yes there is IPv6 NAT an dit works just like in IPv4.
>> We can't make it illegal, but we have already made it unnecessary.
> 
> Unnecessary for connection normal hosts, but let me admit, that I
> recently found a situation where it was actually useful to have Linux's
> NAT function for IPv6: forwarding connections in a proxy-style method.
> 
> This way I was able to setup a load-balanced forwarding setup for
> various services without having to modify the backend systems to
> understand a special header (eg X-Forwarded-For) for proper tracking of
> too-many-connections and mere logging.

Try RFC 7098?

   Brian

> 
> Note that the backend boxes actually do have their own global IPv6
> address, one might just not want to expose to the world all the time.
> 
> As such, NAT has it's uses; they just should not be forced upon
> end-users by the providers that they are using.
> 
> More annoyingly are the providers that will force-change your IP address
> space every 24 hours; which will make people want to have NAT to avoid
> renumbering.... and with 6rd, which is dependent on the IPv4 address,
> this is already a reality in quite some places unfortunately.
> 
> Greets,
>  Jeroen
> 
>

v2.23.0 | Report a Bug | By Email