On Wed, Nov 28, 2012 at 08:41:13AM +1100, Mark Andrews wrote:
If they are writing network based code a tunnel broker should not be a issue. Tunnel brokers are not that hard to use. They are after all just a VPN and millions of road warriers use them everyday.
Oh, for crumb's sake. You're quite right: millions of road worriers use VPNs every day, because they involve downloading a program and the config your IT dept says to use and that's it. Tunnel brokers are the moral equivalent of telling the road warriors, "Go download OpenVPN. Here are credentials. Have a nice day." This is not to criticise tunnel brokers: they're providing a useful service. But really, saying, "Stupid users," is not going to help deployment. Yes, those users include application developers. There is no -- "approaching zero" -- reason for someone in the user-application layer of the stack to care about this today. So the intellectual burden on checking that it works needs to be close to zero, rather than close to whatever the burden is for being an IPv6 early implementer. Manning is right upthread. If the entire deployment path automatically requires 84 layers of NAT sludge, that's what gets tested, cause it "works" for "everybody". A -- Andrew Sullivan Dyn Labs asullivan@dyn.com