Caitlin Bestler wrote: > > > > 3) new devices that plug into residential networks (mostly new) > > > > > > What stops the new devices from having v4 with NAT to translate between the > > > internet and the house. > > > > nothing stops them, but if you want to access the devices from outside the > > house (and in many cases that's the point of such devices) then NAT gets > > in the way. > > > > Keith > > > > That's exactly why you want NAT/firewalling and other existing mechanisms. > These are devices that do not require global addressability. In fact they > SHOULD NOT be globally addressable. >
"SHOULD NOT be globally addressable"? Every conceivable device in the home? That's quite a broad policy to impose on home networks. I draw two distinctions: - firewalling is a technology designed to implement policy - NAT is intended to enable connectivity It is quite possible for globally addressable IPv6 devices to be firewalled according to some policy, i.e. IPv6 supports *both* global connectivity and security of the firewalling variety. > IPv6 needs to be justified on the number of nodes that truly need a > globally accessible public address, not by insisting on counting devices > that should remain anonymous or under limited (and controlled) visibility. > I think it was being justified on the basis of enabling connectivity, specifically from outsite-the-home to inside-the-home. This is a problematic scenario for privately addressed IPv4 networks using NAT. Also, there is no reason why IPv6 devices in the home can't decline global addresses and stick with link-local or site-local addressing. > At times I suspect an administrative standard for uniquely referring > to a private IP address is a specific private IP network would have > been the only required improvement in global addressing. Like RSIP? - aidan