[governance] Why we need IPv6 and why you should care

Thomas Narten narten at us.ibm.com
Tue Feb 26 22:26:53 EST 2008


Avri Doria <avri at psg.com> writes:

> NATs really only provide false security.  i.e you may think they are  
> hiding the network behind, but they aren't really.  One can still  
> often tell what is behind them.  They are not really firewalls, though  
> a lot of NATS come packaged with a firewall..

Indeed!

> Firewalls will remain.
> And I think NATs and application gateways will remain

Indeed!

> And the reason I believe that NATs will remain in IPv6 despite the  
> huge address space is that we still will not get enough addresses from  
> our ISPs or rather we still need to pay extra for multiple addresses  
> (no matter what the RFCs or RIRs say about distributing the addresses  
> in blocks)  so we will still have NATs.

I think NATs will remain with IPv6 too. NATs have an associated set of
pros/cons. For some, the cons outweigh the pros. Others will see
things differently. But with IPv6, the use of NATs will be a
choice. With IPv4, one will have no choice but to use them.

But, I disagree with: 

     we still will not get enough addresses from our ISPs or rather we
     still need to pay extra for multiple addresses (no matter what
     the RFCs or RIRs say about distributing the addresses in blocks)
     so we will still have NATs.

The RIRs have established policies for assigning IPv6 address space to
ISPs and end users. Having worked in that community for some time, I
am confident that the majority of folk in that space (and this
includes ISPs that are giving out IPv6 addresses) understand that an
important benefit of IPv6 is it's large address space, and that it is
important that end users be able to get lots of address space.

The existing policies on the books today (developed via RIR PDPs)
encourage the assignment of the equivalent of more than a class B
address block to pretty much everyone (yes, even home users). In IPv6
terms, you get a /56 (or even more). That is enough space for 256
subnets, and each subnet can have an almost unlimited number of
hosts. So, really, with IPv6 end sites get plenty of address space.
Not ba single address, but thousands and thousands, and this is for
simple home sites. Larger sites can get more.

This is the existing policy today and the early deployments have made
such assignments. Indeed, I have not heard of a single example where
only a single IPv6 address is given to an customer. In contrast,
getting a single IP address (as the starting point) is the norm for
IPv4

Thomas
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance



More information about the Governance mailing list