That's exactly why you want NAT/firewalling and other existing
mechanisms.
Red herring alert: firewalling and NAT are orthogonal. Many NATs include
a firewall, but that's a market decision, not a technical necessity.
These are devices that do not require global addressability.
Think water meters. Utility companies would love to be able to stop sending
out expensive
humans just to read one dial at each customer each month. You *could*
have a reverse proxy in your home NAT, but that gets harder to
standardize; "does customer X have a compatible NAT?" is a harder question
than "does customer X have an IPv6 network?". Besides, if you've got an
end-to-end connection to the meter, it's easier to verify that the
customer isn't munging the data in order to reduce their bill.
In fact they
SHOULD NOT be globally addressable.
Why not? If you've got proper security, you can make them available to the
right people, and block them from the wrong people.
/==========================================================\
|John Stracke |Principal Engineer |
|jstracke(_at_)incentivesystems(_dot_)com |Incentive Systems, Inc. |
|http://www.incentivesystems.com|My opinions are my own. |
|==========================================================|
|News flash: Linux now implements RFC-1149, IP over Carrier|
|Pigeon! |
\==========================================================/