Mark Smith wrote:
For all those people who think IPv4 NAT is quite fine, I
challenge them to submit RFCs to the IETF that resolve, without
creating worse or more even more complicated problems, the list
of problems here. All the IPv6 RFCs do ...
These RFCs clearly have an agenda: selling IPv6. It is unfortunate
they don't feel it necessary to make a balanced presentation of the
pros and cons but instead appear to believe that spreading FUD about
NAT is an effective method of promoting IPv6.
Problem is that NAT will not go away or even become less common in
IPv6 networks for a number of reasons.
#1 NAT advantage: it protects consumers from vendor
Consider the advantage of globally unique public addressing to ISPs
and telcos. Without NAT they have a very effective vendor lock-in.
Want to change ISPs? It's only as easy as reconfiguring every device
and/or DHCP server on your internal network. With NAT you only need
to reconfigure a single device, sometimes not even that.
#2 NAT advantage: it protects consumers from add-on
fees for addresses space.
Given the 100 to 10,000% mark-ups many telcos and ISPs already charge
for more than a /29 it should come as no surprise they would be
opposed to NAT.
#3 NAT advantage: it prevents upstreams from limiting
consumers' internal address space.
Even after full implementation of IPv6 the trend of technology will
continue to require more address space. Businesses will continue to
grow and households will continue to acquire new IP-enabled devices.
Without NAT consumers will be forced to request new netblocks from
their upstream, often resulting in non-contiguous networks. Not
surprisingly, often incurring additional fees as well.
Follow the money and you'll end up with these three reasons why the
technical arguments being made against NAT in opinion pieces like
Keith Moore's (URL above) are so one sided and overtly biased. But
there are still more reasons NAT will continue to increase in
popularity regardless of IPv6.
#4 NAT advantage: it requires new protocols to adhere to
the ISO seven layer model.
H.323, SIP and other badly designed protocols imbed the local address
in the data portion of IP packets. This trend is somewhat discouraged
by the layer-isolation requirements of NAT.
#5 NAT advantage: it does not require replacement security
measures to protect against netscans, portscans, broadcasts
(particularly microsoft's netbios), and other malicious
The vendors of non-NAT devices would love to have you believe that
their stateful inspection and filtering is a good substitute for the
inspection and filtering required by NAT devices. Problem is the
non-NAT devices all cost more, many are less secure in their default
configurations, and the larger rulesets they are almost always
configured with are less security than the equivalent NAT device.
These are just some of the reasons why NAT is, and will continue to
be, an increasingly popular technology for much more than address