Caitlin Bestler wrote:
>
> > > 3) new devices that plug into residential networks (mostly new)
> > >
> > > What stops the new devices from having v4 with NAT to translate between the
> > > internet and the house.
> >
> > nothing stops them, but if you want to access the devices from outside the
> > house (and in many cases that's the point of such devices) then NAT gets
> > in the way.
> >
> > Keith
> >
>
> That's exactly why you want NAT/firewalling and other existing mechanisms.
> These are devices that do not require global addressability. In fact they
> SHOULD NOT be globally addressable.
>
"SHOULD NOT be globally addressable"? Every conceivable device in
the home? That's quite a broad policy to impose on home networks.
I draw two distinctions:
- firewalling is a technology designed to implement policy
- NAT is intended to enable connectivity
It is quite possible for globally addressable IPv6 devices to be firewalled
according to some policy, i.e. IPv6 supports *both* global connectivity
and security of the firewalling variety.
> IPv6 needs to be justified on the number of nodes that truly need a
> globally accessible public address, not by insisting on counting devices
> that should remain anonymous or under limited (and controlled) visibility.
>
I think it was being justified on the basis of enabling connectivity,
specifically from outsite-the-home to inside-the-home. This is a
problematic scenario for privately addressed IPv4 networks using NAT.
Also, there is no reason why IPv6 devices in the home can't decline
global addresses and stick with link-local or site-local addressing.
> At times I suspect an administrative standard for uniquely referring
> to a private IP address is a specific private IP network would have
> been the only required improvement in global addressing.
Like RSIP?
- aidan