On July 1, 2017 5:38:14 PM EDT, "D. Hugh Redelmeier via talk" <talk@gtalug.org> wrote: >| From: James Knott via talk <talk@gtalug.org> > >| I have no use for those who insist IPv4 is good enough, when it >| hasn't been since the day it became necessary to use NAT. > >Actually NAT was not introduced to deal with a global shortage of IP >addresses. It was introduced to get rid of a local shortage. > >For example, Rogers@home (the first broadband service for consumers in >my >area) was marketed as meant for hooking one device (not a server!) to >the >internet. The theory was that you'd pay extra for each other device >and >they would get their own IP. This wasn't 100% crazy since most homes >that >had a computer that could connect to the internet had only one. > >I ran NAT (and servers) at home with a Linux gateway because I did >already >have a LAN. (Unlike most folks, I had globally routable addresses in >my >LAN but of course Rogers could not route that traffic to me.) > >Pretty soon people wanted to run LANs at home BUT they were Microsoft >LANs >-- not safe in public. So naturally a broadband router-with-NAT made a > >lot of sense. > >Now many folks think NATing is the normal and most reasonable form of >firewall! > >NAT actually damages the internet's original design. Nodes are peers, >not >clients or servers. But only initiators (clients, roughly speaking) >can >be behind NAT. So many protocols have had to be butchered to survive >NAT.
I came across this memo of general interest to this topic. Section 4 in particular. https://tools.ietf.org/rfc/rfc4864.txt 4. Using IPv6 Technology to Provide the Market Perceived Benefits of NAT The facilities in IPv6 described in Section 3 can be used to provide the protection perceived to be associated with IPv4 NAT. This section gives some examples of how IPv6 can be used securely. >--- >Talk Mailing List >talk@gtalug.org >https://gtalug.org/mailman/listinfo/talk -- Russell Sent by K-9 Mail --- Talk Mailing List talk@gtalug.org https://gtalug.org/mailman/listinfo/talk
