[AusNOG] SMH: "No room at the internet"

Mark Newton newton at internode.com.au
Thu May 20 11:26:09 EST 2010


On 20/05/2010, at 8:40 AM, Stuart Low wrote:

> So you're saying that IPv4 customers would be shoved behind a smaller range of IPv4 dynamic NAT? Wouldn't that imply the same problem of accountability?

There's no accountability now.  Not sure if you've noticed, but
almost all of your IPv4 traffic today already comes through NAT
gateways.

I'm also not entirely convinced that "accountability" has ever been
a core engineering/design requirement for the internet.

> My concern isn't so much around 'our' hosting customers. If it comes down the line that all hosting customers have to run dual stack that's easy, you tell them, they do it or they face operations complaining about it. What I'm trying to figure out is what about all those hosting companies that DON'T force a dual stack on customers?

"Force"?  No hosting companies will need to "force" it, the hosting
customers will demand it themselves.

If you're a content provider of some kind, and the only access you have
to eyeballs is mediated through abysmally crap SP-NAT gateways that
deliver appalling user experiences, you'll DEMAND that your hosting
company provide you with a way of reaching eyeballs which doesn't involve
those self-same SP-NAT gateways.

Alternatively:

If you're a hosting provider, you're competing with lots of other 
hosting providers in a pretty aggressive environment.  You'll notice
that your hosting customers are filling your helpdesk queues with 
complaints about poor performance, poor UX, poor feedback from their
customers, etc.  And you'll notice that your competitors, who deploy
dual-stack by default, don't tend to have those problems.

> Say what you want about the address space running out but I'd put $50 on a lot of smaller hosting co's (Australian and foreign) saving themselves support pain and not bothering with a 4 to 6 conversion on their existing deployments. Why? Cause it 'works' with the ISPs punting data 6to4 on their behalf.

Sounds risky.  See previous message.


>> Then one's IPv6-capable residential customers get direct peer-to-peer 
>> connectivity to the website, and one's IPv4-only customers see it through
>> a NAT.
>> The NATs are going to be really atrocious, by the way. The IPv4 Internet
>> will carry increasingly massive quantities of suck.
> 
> I concur, it's going to be totally sucky but notwithstanding the technical aspect of that suck what about the accountability aspect?

> From my perspective one way or another you're going to have some 6to4 tunnel/NAT in place. It might be a while until that happens (aka until everyone's exhausted their options for freeing up more of their existing IPv4) but it will happen and at that point, how are people going to deal with the law enforcement part?

SP-NAT boxes are expected to work differently.  Expect client
IPs to map to reasonably static port ranges, and at least some
degree of integration with Radius.  The issue you've raised isn't
new.

Of course, nobody's actually built an SP-NAT box yet, so it's
entirely possible that I'm full of crap and your accountability
question will remain open.  And they'll work even worse than I'm
predicting because the total amount of R&D that's gone into them
will be less than a year, for a product that only has a useful
market life of perhaps 2 or 3 years.

But we'll have to deploy them anyway.  It's not like we have any
choice.

  - mark


--
Mark Newton                               Email:  newton at internode.com.au (W)
Network Engineer                          Email:  newton at atdot.dotat.org  (H)
Internode Pty Ltd                         Desk:   +61-8-82282999
"Network Man" - Anagram of "Mark Newton"  Mobile: +61-416-202-223

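One way the "reasonably static port ranges" plus RADIUS integration described in the message above could answer a "who had this address and port at this time?" query. This is an added example, not part of the original post and not modelled on any real SP-NAT product; the address ranges, block size, session records and function names are all constructed assumptions.

```python
import ipaddress
from datetime import datetime

# Assumed layout (constructed, not taken from any real SP-NAT product).
INSIDE = ipaddress.ip_network("10.64.0.0/24")   # subscriber-side addresses
POOL = ipaddress.ip_network("192.0.2.0/29")     # shared public addresses
FIRST_PORT, BLOCK = 1024, 2016                  # fixed port block per subscriber
PER_IP = (65536 - FIRST_PORT) // BLOCK          # 32 subscribers per public IP

def allocate(inside_ip):
    """Inside address -> (public IP, first port, last port), fixed by arithmetic."""
    idx = int(ipaddress.ip_address(inside_ip)) - int(INSIDE.network_address)
    if not 0 <= idx < INSIDE.num_addresses:
        raise ValueError("address outside subscriber range")
    pub_idx, slot = divmod(idx, PER_IP)
    if pub_idx >= POOL.num_addresses:
        raise ValueError("public pool exhausted")
    start = FIRST_PORT + slot * BLOCK
    return str(POOL[pub_idx]), start, start + BLOCK - 1

def reverse(public_ip, port):
    """Public IP and source port seen by a remote server -> inside address."""
    pub = ipaddress.ip_address(public_ip)
    if pub not in POOL or not FIRST_PORT <= port < FIRST_PORT + PER_IP * BLOCK:
        return None  # not one of our translated flows
    idx = (int(pub) - int(POOL.network_address)) * PER_IP + (port - FIRST_PORT) // BLOCK
    return str(INSIDE[idx]) if idx < INSIDE.num_addresses else None

# Constructed RADIUS accounting sessions: (user, inside IP, start, stop).
SESSIONS = [
    ("alice", "10.64.0.5", "2010-05-20T09:00:00", "2010-05-20T10:30:00"),
    ("bob", "10.64.0.5", "2010-05-20T10:45:00", "2010-05-20T13:00:00"),
    ("carol", "10.64.0.40", "2010-05-20T08:00:00", "2010-05-20T18:00:00"),
]

def attribute(public_ip, port, when):
    """Combine the port-block mapping with session records to name a subscriber."""
    inside = reverse(public_ip, port)
    t = datetime.fromisoformat(when)
    for user, ip, start, stop in SESSIONS:
        if ip == inside and datetime.fromisoformat(start) <= t <= datetime.fromisoformat(stop):
            return user
    return None  # no mapping, or no session covering that time
```

The lookup only works when the complaint includes the source port and an accurate timestamp; a report carrying the public IP alone matches up to 32 subscribers in this layout.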






