Re: Re: IPv6 NAT
<insert rant on somewhere after observable trigger point>
Owen DeLong <owen@delong.com> wrote:
> In fact, Michael, there is no reason someone can't do everything you describe with IPv4 if they are using unique address space.

Now this is the point where my annoyance level goes up with the rampant aversion to IPv6 I see even in a community proud of its adoption of technology.

I realise the "NA" in nanog stands for "an IP address and bandwidth rich region of the world", but frankly the IPv4 address policies and access levels are starting to get right up my nose. The premises *you* are working on simply do not hold in the nations where data comms is really starting to take off. Think Asia.

Have a good hard look at how IP telephony on a large scale - even in NA and Au - is going to have to be rolled out:

- encryption engines all over the place, with multiple encryption adds and removes
- multiple identity verification checks
- NAT and un-NAT points potentially at more than one place along the way
- firewalls and filters changed everywhere
- proprietary fixes and weird new stupid protocols migcom??
- multiple compression points when we should be looking at ways of flagging this in the headers and preserving type

v6 *has* IPSec, QoS and the concept of any to any built in. It's *not* a work around. It's how it works.

We are making things much harder for ourselves increment by increment. We are lining ourselves up for massive amounts of rework in a few years time. By that time I will be getting too old to think it through and by that time you children who have lived all your lives in a NATted v4 world won't understand what it's like to stroll down the information street or meet in a public place or library! Maybe you already don't!

We need to stop pretending we live in a world of secured networks and build security back into the whole proposition! v6 gives us that opportunity.

While I'm at it I'll remind people that extranets work much more nicely when in uniquely numbered space. So even in the quasi private space we've stuffed up. Yeah sure, MPLS partly fixes this, but it still causes unwanted complexity along the way.

And these stupid little poxy - sorry pRoxy - home "routers" (1) that proxy everything fine one day and lose their configs, or goodness knows what the next, and you go from six (2) home computers connected to one or none, are absolute rubbish!

I'm starting to think we're seriously missing out.

<end rant>

:-)

Narelle Clark
narellec@optusnet.com.au
getting in touch with her inner bofh

(1) these things are bridges and they don't even bridge properly, regardless of what it says on the packaging, let alone terminate PPP over whatever it claims to be today. Can someone tell these fools that PPP stands for 'POINT to POINT' protocol? Not kludge over multiple media???

(2) six home computers does not mean a business, nor high bandwidth use. It means a *family*. We are a multilingual (OS wise) household. They are not new and the computers have more Internet experience than many "techies" I see.