Re: [nat66] Necessity for NAT remains in IPv6

Chris Engel <cengel@sponsordirect.com> Wed, 04 November 2009 20:45 UTC

From: Chris Engel <cengel@sponsordirect.com>
To: 'Keith Moore' <moore@network-heretics.com>
Date: Wed, 04 Nov 2009 15:49:11 -0500
Cc: "nat66@ietf.org" <nat66@ietf.org>

Ok,

I must admit... you've got me rather flummoxed here Keith. You're claiming that neither Network Admins, Business Owners nor End Users understand their OWN needs, priorities and costs very well?? That none of these entities are capable of understanding whether they are truly satisfied with the services they receive and judging whether they get VALUE for their investment in them??

If that is the case, then who, would you venture, is in a better position to understand such things???

Who, would you propose, should be in the position to make DECISIONS for such entities about the course of technologies they should seek to pursue??


Are you further claiming that Darwin was wrong??? That the fittest will NOT prevail?

If the arguments against NAT are so compelling and NAT's utility under IPv6 so negligible then why would you be concerned that NAT will see significant adoption under IPv6?

Are you simply saying that the vast majority of people in a position to make such decisions are stupid (or "ill-informed" if you want to be more polite in phrasing) and will make dumb decisions. That in the free market-place of ideas...the bad ideas will win out?

Even if you are convinced that's the case... the question then becomes... "What should one do about it?"

I certainly don't see any lack of effort made here to convince people about the negatives of NAT... nor to provide them potential substitutes. That is what RFC4864 was all about, correct?

If after all that effort, there is still a risk that a significant number of individuals fail to be convinced (as I am) and would seek NAT under IPv6, what would be the most prudent course of action?

If there is a significant risk that people will seek out and adopt NAT solutions under IPv6... wouldn't it make more sense to try to provide some guidelines about HOW to implement it... in effect to try to "minimize the harm" that it will do?

I am not trying to pigeonhole you here... I'm just honestly having a tough time understanding your position outside of "NAT = BAD".




Christopher Engel

-----Original Message-----
From: Keith Moore [mailto:moore@network-heretics.com]
Sent: Wednesday, November 04, 2009 2:40 PM
To: Chris Engel
Cc: 'Mark Andrews'; nat66@ietf.org
Subject: Re: [nat66] Necessity for NAT remains in IPv6


Chris Engel wrote:

        --------------------------------------------------------------------------------------------
        "Wrong.  End users and board members typically don't understand what NATs are, nor their effects on the network's ability to support applications.  If they want to run an app that doesn't work on your network, they blame the app, even though the NATs in your network are what is screwing up the app.

        Furthermore, end users and board members don't understand the degree to which the widespread deployment of NATs is artificially raising the cost of deploying new apps, and denying them useful new apps which might help employees in their work and help their company's competitiveness.

        Again, in IPv4, it's pretty much a moot point because address scarcity trumps everything else.  But that's not the case for IPv6."
        --------------------------------------------------------------------------------------------

        Correct, but what they DO understand is whether they are satisfied with the services delivered to them or not...... whether their NEEDS are being met......and whether the budget they pay for those services equals the VALUE provided by them.


no, they do not understand these things.  they only naively believe that they understand these things.


        At the end of the day.... is that not the proof of any given approach?


no.


        If you really believe that stuff you said about NAT, then you pretty much don't need to be afraid of NAT in IPv6. If what you say happens to be true then those of us who choose to deploy it will be placing ourselves and our companies at a competitive disadvantage....and we'll either "see the light" and adapt/convert.... or we'll go the way of the dinosaurs.


that's only true if few enough people deploy NAT in IPv6.  if NAT turns out to be rare, application developers who don't worry about it won't suffer much, and the nets that use NAT will be marginalized.  OTOH, if NAT turns out to be common, applications developers will have to deal with it, resulting in increased costs and a higher bar for new apps - even for users of networks that don't use NAT.


        Might the reality just happen to be that for a large portion of the community NAT provides significantly more utility than any of these hypothetical new apps that it is supposedly retarding?


no.  the utility for NAT in IPv6 is extremely marginal, and the effect of imposing NAT is huge.


        I mean you DO realize that even in the IPv4 world there are organizations that hold sufficient address space that they COULD assign every single device a Public Address and they STILL choose to utilize private address space and deploy NAT? That actually holds true for my company in one of its environments.


there are very few such organizations.  and the fact that a few of them choose to use NAT even though it is of no benefit to them should not be taken as evidence of wisdom on the part of those organizations.

I mean, it was once widely believed that cigarettes and large (by today's standards) doses of X-rays were beneficial to one's health.   Just because many people today believe NAT is a good thing doesn't make it so.


Keith