[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NAT64 and matching identities

Subject: NAT64 and matching identities
From: streiner at cluebyfour.org (Justin M. Streiner)
Date: Mon, 18 Nov 2013 15:06:52 -0500 (EST)

It's looking more and more like NAT64 will be in our future.  One of the 
valid concerns for NAT64 - much like NAT44 - is being able to determine 
the identity of a given user through the NAT at a given point in time.
How feasible this is depends on how robust/scalable $XYZ's translation 
logging capabilities are, and possibly how easily that data can be matched 
against a source of identify information, such as RADIUS accounting logs, 
DHCP lease logs, etc.

Other IPv6 transition mechanisms appear to be no less thorny than NAT64 
for a variety of reasons.

I'm curious to see how others are planning to tackle (or already have 
tacked) this issue.  Discussing vendor-specific solutions is fine, but I 
think keeping things as platform/vendor agnostic as possible for the time 
being would allow this thread to be more beneficial to a wider audience.

The floor is open...

jms

Follow-Ups:
- NAT64 and matching identities
  - From: tom.taylor.stds at gmail.com (Tom Taylor)
- NAT64 and matching identities
  - From: Lee at asgard.org (Lee Howard)
- NAT64 and matching identities
  - From: asullivan at dyn.com (Andrew Sullivan)
- NAT64 and matching identities
  - From: don at sandvine.com (Don Bowman)
- NAT64 and matching identities
  - From: I.Smith at F5.com (Ian Smith)

Prev by Date: Question on routing of Tata AS6453 with their other network AS4755
Next by Date: NAT64 and matching identities
Previous by thread: Routing Resilience Survey (a project coordinated by ISOC)
Next by thread: NAT64 and matching identities
Index(es):
- Date
- Thread