On 12/7/10 9:04 AM, Adam Tauno Williams wrote:
The other nice side-effect of NAT is that you get an effectively infinite number of addresses behind it without any pre-arrangement with anyone else. Even if ISPs hand out what they expect to reasonably-sized blocks, won't it be much harder to deal with when you outgrow your allotment? We've had the opportunity to move to ipv6 for ages but we haven't (in the US, anyway). I think the reason is that most people like the way NAT works and don't really want a public address on every device.
Bogus. The reason is that they haven't been pressured into adoption by higher powers; so we will get into a nice scramble to migrate in a pinch.
Agreed, but the reason that hasn't happened is that there's no visible benefit to the consumer.
"most people" have no idea what NAT is, don't care, and shouldn't have to care.
Agreed again, but the reason is that the vast majority only want outbound client connections and they would be perfectly happy if application protocols adapted to client registration to some central registry for portability instead of ever assuming that a person or associated application had anything to do with any particular device or fixed address. Compare the number of people who use an IM/chat application to the number who have directly reachable SIP endpoints without a forwarding service, for example. There are good reasons for that.
Some people's belief that NAT is some magic sauce that makes them more secure [it does not] or provides them more flexibility [it does not] than real addresses ... causes the people who understand networking to have to spend time explaining that their love of NAT is misguided and their beliefs about NAT are bogus.
If the ipv6 routers come with defaults that work the same as current NAT routers, people will be able to continue to misunderstand them happily. That is, permit outbound client connections from anything connected behind them without much regard to how many devices there are, and block everything else.