On Tue, 2004-01-13 at 10:09, Ross Werner wrote: > I guess I'm not quite sure I "get it", but why is NAT necessarily a "bad > thing"? Because it's not "how it's supposed to be"? Because it's klugey? > Bad design? Insecure?
Well, it's not insecure as such, nor it is a bad design in and of itself. I think the following faq about Speak Freely addresses some of the problems (although his beef is decidedly political): http://www.fourmilab.ch/speakfree/eol/ The problem as I see it is that most internet protocols are peer to peer. With NAT prevailant, it's harder and harder to keep the protocols working without kluding with port forwards. So either new technologies such as VoIP (which is inherently peer to peer, although you can kludge it with call gateways) will wither with regards to end users, or it will get to the point where we are all just consumers on the internet and we connect to commercial servers, never having the capability to actually be our own servers. So the issues are political, but also technical. > I guess my thinking is, if I've got a house full of electronic devices > (let's say a dozen computers, an IP-enabled toaster, fridge, television, > etc.) I don't really need or want world-visible IP addresses on them. I'd > like them to be just 10.* or whatever IP addresses, and if any > communication ever needs to go on between them and the Internet they > should necessarily go through some central house-server/router/firewall. I > should have the /option/ have having, say, three of the computers have > world-visible IP addresses, but the rest having local 10.* addresses. But > why make my toaster be visible to the Internet when, really, there's no > need for him to be? True, but an IPv6 nodes should can be made into private networks by either disconnecting them from the net, or by properly configuring the gateway between them and the net. The point is, there is no need for private ip addresses (special, overlapping subnets) with IPv6. I guess at some level it's an intellectual appeal thing. Michael > > Or am I missing something terribly here? > > ~ ross -- Michael L Torrie <[EMAIL PROTECTED]> ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
