Caitlin Bestler wrote:
3) new devices that plug into residential networks (mostly new)
What stops the new devices from having v4 with NAT to translate between
the
internet and the house.
nothing stops them, but if you want to access the devices from outside the
house (and in many cases that's the point of such devices) then NAT gets
in the way.
Keith
That's exactly why you want NAT/firewalling and other existing mechanisms.
These are devices that do not require global addressability. In fact they
SHOULD NOT be globally addressable.
"SHOULD NOT be globally addressable"? Every conceivable device in
the home? That's quite a broad policy to impose on home networks.
I draw two distinctions:
- firewalling is a technology designed to implement policy
- NAT is intended to enable connectivity
It is quite possible for globally addressable IPv6 devices to be firewalled
according to some policy, i.e. IPv6 supports *both* global connectivity
and security of the firewalling variety.
IPv6 needs to be justified on the number of nodes that truly need a
globally accessible public address, not by insisting on counting devices
that should remain anonymous or under limited (and controlled) visibility.
I think it was being justified on the basis of enabling connectivity,
specifically from outsite-the-home to inside-the-home. This is a
problematic scenario for privately addressed IPv4 networks using NAT.
Also, there is no reason why IPv6 devices in the home can't decline
global addresses and stick with link-local or site-local addressing.
At times I suspect an administrative standard for uniquely referring
to a private IP address is a specific private IP network would have
been the only required improvement in global addressing.
Like RSIP?
- aidan