FW: Operational challenges of no NAT

George Bonser gbonser at seven.com
Thu Oct 28 09:43:36 CEST 2010 

Oops, meant to forward to the list as well.

> On Behalf Of Jay Hennigan
> > Sent: Wednesday, October 27, 2010 11:47 PM
> > To: ipv6-ops at lists.cluenet.de
> > Subject: Re: Operational challenges of no NAT
> 
> 
> > The problem seems not to be with IPv6 or the size of the subnet but
> > some
> > rather bizarre rules under which someone else operates and your need
> > and/or willingness to jump through flaming hoops to please them.
> 
> True.  I have tried to use the argument that there is an RFC1918 /16
> behind that NAT and reducing the size of the address pool that
> physically connects to them in no way limits the number of different
> systems that connect to them.  And if they see something "bad" from
the
> NAT pool, I have no way of knowing which one of the servers behind the
> NAT is doing it as it is a dynamic pool.  But many people have this
> notion in their head that wide access is bad.  I say that you either
> trust me with the access or not, how many addresses I am using on my
> side to gain the access doesn't matter.
> 
> 
> > If your peer is willing to accept traffic from you and whitelist
your
> > subnet, then your peer is willing to do so.  If not, not.
> 
> Which validates my own position on the issue.
> 
> 
> > As far as a different "call-back" IP, that IP can be conveyed within
> > the
> > payload (as in SIP) or hard-coded in some manner, the same as it can
> be
> > done in IPv4.
> 
> It is in some cases, but in a couple of cases it apparently needs to
be
> "hard wired" with some great difficulty.  That is a process I believe
> they are going to need to sort out because it just won't scale with
v6.
> 
> 
> > It sounds as if reasonableness and understanding on the part of the
> > other party are what would be needed to solve this issue.  If the
> other
> > party isn't reasonable or clueful, perhaps you should be talking to
> one
> > of their competitors.
> 
> Understanding is the hard part.  They are "big major internet portal"
> and sometimes have an approach where they simply set the rules but in
> this case they are going to "get it", I think, once they start having
> the same challenges. I think at this point I am just further along the
> v6 road than they are and they will get it once they have gone further
> down the path.
> 
> As for competition, that is really out of my control as most of these
> connections are on behalf of third parties.  The third party end user
> decides.  I am just facilitating the transaction.  I am just a conduit
> in the path.
> 
> Thanks for taking the time to respond.
> 
> George

More information about the ipv6-ops mailing list