Stay with IPv4 internally

Discussion in 'Cisco' started by eaglesix, Feb 9, 2011.

  1. eaglesix

    eaglesix Guest

    Since we use a firewall that uses NAT between our network and the
    router to our ISP is it possible that we could have the router use
    IPv4 on the inside interface and IPv6 on the outside?

    We have roughly 300 machines inside the network which would be a
    challenge to set to IPv6.
     
    eaglesix, Feb 9, 2011
    #1
    1. Advertising

  2. * eaglesix wrote:
    > Since we use a firewall that uses NAT between our network and the
    > router to our ISP is it possible that we could have the router use
    > IPv4 on the inside interface and IPv6 on the outside?


    That's called "NAT-PT" and it is a horrible bad idea. IPv6 and IPv4 are
    completly different worlds like railways and streets.

    NAT-PT is a motorrail/auto train from the ipv6 perspective. From the IPv4
    perspective NAT-PT is so ugly, that we do not have a real world example for.
    Besides it's feels like an "office boy": You ask always the same person to
    do the work for you ;-)

    > We have roughly 300 machines inside the network which would be a
    > challenge to set to IPv6.


    You lost about five to ten years, so hurry up!
     
    Lutz Donnerhacke, Feb 10, 2011
    #2
    1. Advertising

  3. eaglesix

    Sam Wilson Guest

    In article <-jena.de>,
    Lutz Donnerhacke <> wrote:

    > * eaglesix wrote:
    > > Since we use a firewall that uses NAT between our network and the
    > > router to our ISP is it possible that we could have the router use
    > > IPv4 on the inside interface and IPv6 on the outside?

    >
    > That's called "NAT-PT" and it is a horrible bad idea. IPv6 and IPv4 are
    > completly different worlds like railways and streets.
    >
    > NAT-PT is a motorrail/auto train from the ipv6 perspective. From the IPv4
    > perspective NAT-PT is so ugly, that we do not have a real world example for.
    > Besides it's feels like an "office boy": You ask always the same person to
    > do the work for you ;-)


    NAT-PT has been deprecated and other mechanisms (NAT64/DNS64) are
    preferred. To me NAT64 is just as horrible but probably works better,
    for some value of "better".

    > > We have roughly 300 machines inside the network which would be a
    > > challenge to set to IPv6.

    >
    > You lost about five to ten years, so hurry up!


    I've been watching IPv6 for 15 years now and it's still not ready. The
    bickering between RA vs DHCPv6 or PI vs PA addressing is inexcusable at
    this stage.

    Sam
     
    Sam Wilson, Feb 10, 2011
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Alan Lee
    Replies:
    16
    Views:
    696
    Martin Bilgrav
    Jul 23, 2003
  2. Replies:
    0
    Views:
    2,365
  3. lidram
    Replies:
    0
    Views:
    391
    lidram
    Mar 26, 2008
  4. bod43
    Replies:
    2
    Views:
    619
  5. karlaserv

    Internally Rechargeable Batteries

    karlaserv, Jan 4, 2012, in forum: The Lounge
    Replies:
    0
    Views:
    1,196
    karlaserv
    Jan 4, 2012
Loading...

Share This Page