On Tue, 2010-12-07 at 20:37 -0500, Ross Walker wrote:
On Dec 7, 2010, at 7:41 PM, Nico Kadel-Garcia nkadel@gmail.com wrote:
On Tue, Dec 7, 2010 at 10:04 AM, Adam Tauno Williams awilliam@whitemice.org wrote:
Bogus. The reason is that they haven't been pressured into adoption by higher powers; so we will get into a nice scramble to migrate in a pinch.
"most people" have no idea what NAT is, don't care, and shouldn't have to care.
Some people's belief that NAT is some magic sauce that makes them more secure [it does not] or provides them more flexibility [it does not] than real addresses ... causes the people who understand networking to have to spend time explaining that their love of NAT is misguided and their beliefs about NAT are bogus.
*I'm* a fairly expert network person. (10base2, baby, I remember crimping those cables!) Forcing people to specifically select the services they wish to expose, rather than selecting what to cut off in configuring a typical firewall, is basic policy automatically enforced by NAT. It's especially helpful to ISP's, who *do not want* to try to remember all those furshlugginer individual policies and find it far simpler in routing and firewall terms to force all traffic to the NAT.
Does this mean I have to type in URLs like: http://3ffe:1900:4545:3:200:f8ff:fe21:67cf/
Correct syntax for that is
http://%5B3ffe:1900:4545:3:200:f8ff:fe21:67cf%5D/
if you want to specify the port it goes outside the brackets
http://%5B3ffe:1900:4545:3:200:f8ff:fe21:67cf%5D:8080/
I can only image phonetically calling these off on a support call, I'd get half way through it and the other end would tell me to "forget it I'll wait until DNS is working again".
You aren't crippled currently when DNS doesn't work? Because e-mail, Active Directory / Kerberos, and numerous other services just-don't-work without functioning DNS anyway. I'd say the network-minus-DNS is pretty much irrelevant in the real world.
In fact with DNS problems we'd be pretty much crippled. I'd use IPv6 if the addresses weren't so hard to remember.