[Bp_ipv6] Request for clarification NAT v NAT

Marco Hogewoning marcoh at ripe.net
Sun Nov 29 19:59:33 EST 2015


Sensible addition, If not to late, to add the DNSSEC impact.

Thanks Patrik,

MarcoH

> On 30 Nov 2015, at 00:11, Patrik Fältström <paf at frobbit.se> wrote:
> 
> On 27 Nov 2015, at 11:10, Marco Hogewoning wrote:
> 
>> A different type of NAT, called NAT64, is used to translate between IPv4 and IPv6 networks, connecting the two incompatible protocols. This in particular allows users of IPv6 to connect to services that are still only available using the IPv4 protocol. While this translation again could introduce negative effects on traceability of overall network performance, it is widely regarded as an acceptable technology to aid in the deployment of IPv6. Especially in those cases where a single stack network setup, only using IPv6, is preferable over maintaining support for both IPv4 and IPv6 in an access network. Various 4G/LTE mobile access providers have chosen to deploy this technology as part of their IPv6 deployment.
> 
> Hmm...I would like to have slightly tuned text, as NAT64 is as mentioned earlier much more complicated than "normal" NAT. It requires not only address translation but also synthesize DNS responses, and by doing that inability to validate DNSSEC signed responses on devices south of the NAT64 box.
> 
> I also think one should point out that some 4G/LTE providers have chosen to use dual stack. So it does not sound like if one MUST do single stack on mobile data networks.
> 
> Because of that, I would like to see an addition, for example:
> 
> A different type of NAT, called NAT64, is used to translate between IPv4 and IPv6 networks, connecting the two incompatible protocols. This in particular allows users of IPv6 to connect to services that are still only available using the IPv4 protocol. While this translation not only impacts address mapping but also DNS resolution, specifically the security technology DNSSEC but also introduce negative effects on traceability of overall network performance, it is widely regarded as an acceptable technology to aid in the deployment of IPv6. Especially in those cases where a single stack network setup, only using IPv6, is preferable over maintaining support for both IPv4 and IPv6 in an access network. Various 4G/LTE mobile access providers have chosen to deploy this technology as part of their IPv6 deployment, while other have dual stack (IPv4 and IPv6) deployed.
> 
>   Patrik





More information about the Bp_ipv6 mailing list