This is falling outside of the IPv6/RFC-1918 discussion, so I'll only answer questions with questions... If there's need for a real discussion, I'll let someone change the subject, and continue on...

On Fri, Feb 06, 2009 at 01:11:13AM +0100, Sven-Haegar Koch wrote:
[...]
The flip side shows up when Nintendo creates a cool new protocol for the Wii that requires Internet access. Your Wii won't be able to participate until you teach your proxy/NAT box about the new protocol.
What's the difference to firewalling without NAT? (No one should connect their (home) network without at least inbound filtering) There I have to wait for the firewall box to support connection tracking for the new (broken) protocol.
Why do I need an "Internet breaker" (firewall) to do connection tracking? Doesn't the host computer's software stack do that when an inbound packet arrives? Why do I need a separate box to do that work when I trust my host?
If the end-users really get public addresses for their WII and game-PCs, do you really think they won't just open the box totally in their firewall/router and catch/create even more problems?
That's an issue of trusting the host...

Note: All questions are hypothetical. No packets were harmed in the production of this hyperbolic response...