On Mon, 2010-12-06 at 18:28 -0500, Bob McConnell wrote:
IPv6 is not broken by design. NAT was implemented to extend the time until IPv4 exhaustion. A side effect was hiding the internal IPv4 address, which complicates a number of protocols like FTP and SIP. The only downside I see is ISPs could try and charge based on the number of IPv6 addresses being used.
No, the downside is that each address used will be exposed to the world.
False. That is *NOT* a downside.
NAT is *NOT* a magic sauce - install a firewall [which you probably already have]. Problem solved.
I consider that a serious security flaw.
It is not.
Having my ISP know how many computers I have is a minor issue covered by the contract I have with them.
So you want to cheap on the legal contract you agreed to?
But having all of those addresses exposed to Russian mobsters, terrorists, crackers and everyone else that knows how to capture packets is another matter altogether. If IPv6 exposes that information to the world, it is definitely unsafe to use.
The "Russian mobsters" can already do that; if you think NAT is protecting you from that then you are mistaken.