Geoff on IPv4 Exhaustion
Geoff Huston
gih at apnic.net
Wed Nov 16 22:57:06 CET 2011
On 17/11/2011, at 2:07 AM, John Payne wrote:
> On Nov 16, 2011, at 4:26 AM, Ted Mittelstaedt <tedm at ipinc.net> wrote:
>
>> Remember, under IPv6 there is no NATTing so no need for
>> VPNs.
>
> This I haven't heard before. I'm astounded that you would think that VPNs only exist because of NAT.
If you regard VPNs within a very limited context as the use of tunnelling to allow one address context to form an overlay across a different address context, then I think that the point is being made that there is the possibility that in IPv6 we would all use a single address context and there would be no a priori requirement to tunnel IPv6 in IPv6, hence "no need for VPNs".
I also think that such a view is somewhat disconnected with today's reality, where I observe a general perception that overlay tunnel networks in the guise of VPNs offer various degrees of superior security, control and flexibility. The argument as to whether this perception is yet another vendor-inspired myth or has some substance behind it is debatable, but as mythology plays a big part in this industry I'd guess that VPNs will be with us for some time yet irrespective of whether such forms of networking actually deliver net benefit over the added operational costs and complexity of some of these VPN tunnel approaches.
Geoff
(who is still trying to figure out why I am referenced on the subject line of a thread about DHCPv6!)
More information about the ipv6-ops
mailing list