On 29 Sep 2021, at 05:02, Randy Bush <randy@psg.com> wrote:
Heh, NAT is not that evil after all. Do you expect that all the home people will get routable public IPs for all they toys inside house?
in ipv6 they can. and it can have consequences, see
NATting Else Matters: Evaluating IPv6 Access Control Policies in Residential Networks; Karl Olson, Jack Wampler, Fan Shen, and Nolen Scaife
https://link.springer.com/content/pdf/10.1007%2F978-3-030-72582-2_22.pdf
the ietf did not give guidance to cpe vendors to protect toys inside your LAN
Really? RFC6092 January 2011 Recommended Simple Security Capabilities in Customer Premises Equipment (CPE) for Providing Residential IPv6 Internet Service https://datatracker.ietf.org/doc/html/rfc6092 CableLabs has similar requirements. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org