On Thu, 5 Feb 2009, John Osmon wrote:
On Thu, Feb 05, 2009 at 04:44:58PM -0500, Ricky Beam wrote:
[...] I've lived quite productively behind a single IPv4 address for nearly 15 years. I've run 1000 user networks that only used one IPv4 address for all of them. I have 2 private /24's using a single public IPv4 address right now -- as they have been for 6+ years. Yet, in the new order, you're telling me I need 18 billion, billion addresses to cover 2 laptops, a Wii, 3 tivos, a router, and an access point?
Thank you. Your ability to live with proxied/NATed Internet access has helped stave off the problems we're seeing now.
The flip side shows up when Nintendo creates a cool new protocol for the Wii that requires Internet access. Your Wii won't be able to participate until you teach your proxy/NAT box about the new protocol.
What's the difference to firewalling without NAT? (No one should connect their (home) network without at least inbound filtering.) There I have to wait for the firewall box to support connection tracking for the new (broken) protocol.

If the end-users really get public addresses for their Wii and game-PCs, do you really think they won't just open the box totally in their firewall/router and catch/create even more problems?

c'ya
sven

--
The lights are fading out, once more...