Isn't the NAT issue the IP6 issue? In other words, once we solve the fact that IP4 is running out of addresses, then we will not have to deal with NAT penetration anymore.
The more I hear about IPv6 (these comments in particular), the more it seems like it contains many solutions to non-problems. Yes, IPv4's 32 bit address space is basically full, and upgrading that is a good thing.
But honestly, burning 64 bits of address space for a redundant global identifier just so "nat+dhcp" are only half as complicated? And then needing privacy extensions to keep the uuid from leaking out? All while doing nothing to solve the problem that caused NAT to spring up in the first place.
On the surface, "no NAT" sounds like a reasonable goal, but ignores the realities of what NAT is actually used for - keeping your network your business. How long until consumer providers offer different tiers of plans based on number of devices that can be connected, and smart users are back to NAT anyway? The proper solution to NAT problems is at layer 4 - a standard way of making connections from the outside to a device inside based on some kind of onion address, where the upstream can only see the outer part.
NAT doesn't solve the issues with IPv4, it merely delayed them. IPv6 is still the future, but everyone from ISP's to switch and router manufacturers have been dragging their feet on a real push to get us off IPv4. Hell, there are still modern switch platforms out there with full Layer 3 IPv4 support but IPv6 is curiously omitted - you've got to buy a bigger switch to get support for modern protocols (or an implementation that isn't totally gimped).
NAT is the problem that IPv6 fixes. Think about the parent comment
>if you are making more than 4B addresses routable then any existing IPv4 device will not be able to route some addresses, so you will have caused a split in the internet
This has basically already happened. We've massively extended IPv4 by stuffing extra address bits into the router's port number, and it means that any two devices behind NATs can't directly route to each other.
While I agree that IPv6 makes NAT obsolete, I, unfortunately, don't see NAT going away even after everyone is 100% on IPv6. Too many people/companies rely on NAT for "security" for it to completely die.
From earlier in this thread "NAT literally breaks IP". NAT is a workaround. Yes, it's our solution to IPv4 shortage in light of not being able to force the world over to IPv6, but it's not ideal.
NAT has not solved the IP address problem, it has merely postponed it slightly. Multi-level NATs are a hell far beyond the single-level NATs that most consumers see (and single-level NATs already cause all sorts of problems for even moderately advanced network usage). So most people only have single-level NATs, which practically only extends the address space by a small multiple - 8 bits at most, in practice ~2-3 bits.
128 bits allows routing tables to be super small and fast. While RAM has gotten cheaper, it is still slow, and smaller routing tables are way more important than smaller addresses.
However, I agree with your central point - IPv4 was "good enough" that IPv6 is going to be a tougher battle than it ought to be. However, IPv6 is winning that battle already. 15% of google's users use IPv6, and it's increasing sigmoidally. [1]
NAT has been more successful than IPv6 at fixing the same issue, the shortage of IPv4 adresses, but without breaking compatibility (well at the cost of crazy hacks for weird protocols such as FTP).
Not being able to route directly doesn’t seem to be a major issue to me. It for sure require more computing power in routers but also adds some safety and privacy by design.
The problem is NAT as it makes it impossible to directly address, and NAT doesn’t exist in IPv6 (because NAT is primarily needed to workaround limited public addresses).
It is an issue, and it's a tricky one to solve. It's getting much harder to get a hold of public IPv4 addresses and lots of smaller providers are using NAT instead. It's not a total show stopper - the vast majority of customers don't even notice and only a few actually need it enough to not use the service, and for those you can probably come up with clever ways around it (like a VPN) but it's definitely a problem. I think the best way out is IPv6 (but of course we've been saying that for decades).
reply