In message <CABidiTJH=+oKpF7OwU+2V4MELaigMTqe3ZdFr51jUKRTpHFdtA@mail.gmail.com>, Philip Dorr writes:
On Thu, Jun 4, 2015 at 12:16 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong <owen@delong.com> wrote:
I’d argue that SSH is several thousand, not a few hundred. In any case, I suppose you can make the argument that only a few people are trying to access their home network resources remotely other than via some sort of proxy/rendezvous service. However, I would argue that such services exist solely to provide a workaround for the deficiencies in the network introduced by NAT. Get rid of the stupid NAT and you no longer need such services.
This is an interesting argument/point, but if you remove the rendezvous service then how do you find the thing in your house? Now the user has to manage DNS, or the service in question has to manage a DNS entry for the customer, right?
You do not remove the locating service, what you remove is the remote proxy service.
And the DNS is the simplest location service. Windows boxes and Macs can register themselves in the DNS today using standardised protocols. This really isn't a hard thing to do. All you need is a fully qualified hostname, addresses and update credentials (username/password (TSIG) or a public key pair (SIG(0))) and you can update the address records using the DNS and UPDATE. Windows uses GSS-TSIG (Kerberos) to authenticate the UPDATE request. In theory it could also use plain TSIG and/or SIG(0).

What is hard is giving them a globally unique address today because it doesn't exist for 99.9% of the devices connected in the world due to the world having run out of IPv4 addresses about ~20 years ago. At the moment we are at ~1 address per household for IPv4. We are heading into < 1 address per household for most of the households in the world.

For a Mac you do System Preferences -> Sharing -> Edit and tick "Use dynamic global hostname", add the hostname and TSIG credentials (User/Password). The Mac will save them. The Mac will then update the address records for itself as they change.

What has to happen is making this a regular part of setting up a machine for the first time. This requires other OS vendors adding equivalent functionality to their OSes.
For example with a webcam on IPv4, you would connect to a website to download the video. The camera would also connect to the website to upload the video.
On IPv6 the webcam would connect to the website to say that it is alive and what its IP is. You would connect to the website and your computer would get the IP and directly connect to the webcam. If there were multiple people connecting, you may even be able to use multicast.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742    INTERNET: marka@isc.org
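
Added example, not part of the original message: a standard-library Python sketch of the TSIG-authenticated DNS UPDATE described above, building the wire-format message (RFC 2136) that replaces a host's AAAA record, signing it with HMAC-SHA256 (RFC 2845), and performing the check a server makes before accepting it. The zone, host, key name, key and address used in the test are constructed values, and locating the TSIG record by byte search is a simplification of real message parsing.

```python
import hashlib, hmac, ipaddress, struct

ALG = "hmac-sha256"  # TSIG algorithm name
T_SOA, T_AAAA, T_TSIG, C_IN, C_ANY = 6, 28, 250, 1, 255

def name(n):
    """Encode a domain name in uncompressed, lowercased wire format."""
    labels = [l.encode() for l in n.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\0"

def rr(owner, rtype, rclass, ttl, rdata=b""):
    """Encode one resource record: owner, type, class, TTL, RDLENGTH, RDATA."""
    return name(owner) + struct.pack("!HHIH", rtype, rclass, ttl, len(rdata)) + rdata

def tsig_mac(key, msg, keyname, when, fudge):
    """HMAC over the unsigned message followed by the TSIG variables."""
    variables = (name(keyname) + struct.pack("!HI", C_ANY, 0) + name(ALG)
                 + when.to_bytes(6, "big") + struct.pack("!HHH", fudge, 0, 0))
    return hmac.new(key, msg + variables, hashlib.sha256).digest()

def signed_update(zone, host, addr, keyname, key, when, msg_id=0x1234, fudge=300):
    """Build an UPDATE (opcode 5) replacing host's AAAA RRset, then append TSIG."""
    header = struct.pack("!HHHHHH", msg_id, 5 << 11, 1, 0, 2, 0)
    body = (name(zone) + struct.pack("!HH", T_SOA, C_IN)   # zone section
            + rr(host, T_AAAA, C_ANY, 0)                   # delete existing RRset
            + rr(host, T_AAAA, C_IN, 300, ipaddress.IPv6Address(addr).packed))
    msg = header + body
    mac = tsig_mac(key, msg, keyname, when, fudge)
    rdata = (name(ALG) + when.to_bytes(6, "big") + struct.pack("!HH", fudge, len(mac))
             + mac + struct.pack("!HHH", msg_id, 0, 0))
    # ARCOUNT (header bytes 10-11) becomes 1 only after the MAC has been computed.
    return msg[:10] + b"\0\1" + msg[12:] + rr(keyname, T_TSIG, C_ANY, 0, rdata)

def verify(signed, keyname, key, now):
    """Server-side check: recompute the MAC and enforce the signing-time window."""
    # Simplification: find the TSIG RR by its fixed prefix instead of parsing sections.
    start = signed.rfind(name(keyname) + struct.pack("!HHI", T_TSIG, C_ANY, 0))
    if start < 0:
        return False
    p = start + len(name(keyname)) + 10 + len(name(ALG))  # skip RR header, alg name
    when = int.from_bytes(signed[p:p + 6], "big")
    fudge, size = struct.unpack("!HH", signed[p + 6:p + 10])
    mac = signed[p + 10:p + 10 + size]
    unsigned = signed[:10] + b"\0\0" + signed[12:start]    # restore ARCOUNT = 0
    ok = hmac.compare_digest(mac, tsig_mac(key, unsigned, keyname, when, fudge))
    return ok and abs(now - when) <= fudge
```

The time window is what limits replay of a captured update: the same bytes presented after the fudge interval fail verification even though the MAC is intact.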