Alan Buxey <A.L.M.Buxey@lboro.ac.uk> wrote:

Most people don't need the devices to talk to each other

A lot of home networking uses mDNS - partitioning off devices will break things like printing and chromecast and using your phone as a remote control for your media players, etc. ad nauseam. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ Northwest Fitzroy, Sole, Lundy, Fastnet, Irish Sea, Shannon: Mainly southwesterly 6 to gale 8, occasionally severe gale 9. Rough or very rough, becoming very rough or high, except in Irish Sea. Occasional rain. Moderate or poor, occasionally good.

We already have CPE vendors shipping with "guest" ssids. These require a seperate /64 and are usually treated as external to the home network. With IPv4 you grab a seperate chunck of rfc1918 space and nat that as well as the main chuck of space. For IPv6 you need multiple /64s from the ISP. A single /64 is not enough. This is all done with a point and click interface. If you are a ISP that supplies a single /64 then you really should stop showing your lack of clue to all and sundry by supplying multiple /64s. If you are a ISP that doesn't supply IPv6 at all then you really are not doing your job as a ISP. Mark In message <4102D692-A315-4C38-A2CB-54F96999E251@lboro.ac.uk>, Alan Buxey write s:

I'm surprised that noone of the home wifi router folk haven't cornered the ma rket on that one in terms of client separation. Most people don't need the d evices to talk to each other so by default all ports on different VLANs .. 19 2.168.0-8.x etc

Internet of things security out of the box. Web interface to change port memb ership for those that DO need inter device access

Or maybe there are such defaults out there from some suppliers i'm not famili ar with? :)

alan -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org