
RE: IPv6 addresses really are scarce after all

2007-08-20 15:17:54
I do not believe that it is difficult to design fire and forget systems for the 
home. The problem is not design, it's the politics.

Apple has gone a long way towards doing just that, and they have brought a lot 
of manufacturers with them. They have approached the problem with a more 
feasible political approach than other attempts.


The usability issue is serious but not insurmountable. I have made my own 
proposal for dealing with this issue in my ID Domain Centric Administration:
http://www.ietf.org/internet-drafts/draft-hallambaker-domain-centric-00.txt

Since writing that draft I realize that an area that I need to work on further 
is to provide a standard means of creating self signed certs or locally issued 
certs for devices that do not come with an installed device certificate (this 
is already standard for DOCSIS cable modems).


I currently have eight machines hanging off the home network. What I am 
currently trying to do is to work out how to cluster three separate home 
networks at three different sites so that the cousins/grandchildren and 
grandparents can all use video conferencing. This turns out to be a much harder 
task than it needs to be. There seems to be an omerta amongst the suppliers of 
videoconferencing type applications that none of them will reveal the protocols 
they use or the ports and if they will reveal the ports they will insist on 
sitting on the same port that my VOIP service uses.

But I suspect that in five years' time I will have at least fifty IP addressable 
devices, hopefully more. For a start I want every lightswitch to be IP 
connected, and the burglar alarms and the individual phone handsets. Also the 
heating/AC systems and the hot tub. I also want my digital cameras to 
automatically upload pictures when I enter the house and I want all data 
storage on all the machines on the house to be constantly and transparently 
backed up both onsite and offsite (none of your daily backups rubbish, I want 
the data backed up while the original is written).

It is all do-able with technology we have in place today. A reviewer of my book 
just told my publisher that what I propose is nothing new or original. Which 
means that either the reviewer is wrong or we should not have any difficulty 
getting it on the shelves for next Xmas.


Apparently at MBA school the students are taught that markets for technology go 
through a series of phases. In the first phase merely delivering technology is 
enough, once basic functionality is delivered the market competes to provide 
usability, next comes reliability, eventually the market is driven by fashion. 

This happened in the auto industry. Early cars barely worked at all, every 
journey was an adventure. In the 1920s Ford broke the automobile patent and 
built a car for the common man, a car that did not need the skills of a 
mechanic to drive. Reliability improved gradually until the 1970s when there 
was a sudden realization that consumers would pay more for a car that was not 
designed to rust. Today most cars will go 10,000 miles between services and not 
need major repairs beyond a clutch plate for 50,000 or even 100,000 miles.

A lot of network technology, particularly security technology has only just 
emerged from the technology delivery phase. Instead of waiting ten years 
between phases why not just deliver it all now and give the MBA graduates a 
shock?

We have all the technology we need, all we need to do is to recognize that in 
the network of the future there can be no network administrators who spend 
their time doing the footling tasks that eat 90% of a network manager's time 
today. We can't have real home networks happen until network administration is 
automated at the same level that the functions of the car are today.

-----Original Message-----
From: Steven M. Bellovin [mailto:smb(_at_)cs(_dot_)columbia(_dot_)edu] 
Sent: Friday, August 17, 2007 8:54 PM
To: Joel Jaeggli
Cc: Keith Moore; ietf(_at_)ietf(_dot_)org
Subject: Re: IPv6 addresses really are scarce after all

On Fri, 17 Aug 2007 17:01:39 -0700
Joel Jaeggli <joelja(_at_)bogus(_dot_)com> wrote:

Keith Moore wrote:
It seems likely that cable mso's similar will dole out /64's to
customers one at a time, I suppose that's acceptable if not
necessarily desirable and will probably still result in the use of
nat mechanisms in end systems.
  
that's COMPLETELY unacceptable.

Well lots of people still think things like "why would home users
ever subnet" but when you walk into a decent electronics superstore
these days you can buy:

terabytes of network attached storage
HD video streamers
wireless voip handsets or dual mode wifi/cellular phones
building control and security systems that plug into ethernet or hang out on your wifi
vlan capable managed switches that cost $150

At some point you stop wanting to have all those devices on the same
network if for no other reason than to keep your multicast HD video
streams from clobbering your ip phones, and around that same point the
needs of a household of 2-6 people plus visitors start to look a lot
like those of a heavily technology enabled small business. Have two or
more wage earners that work for large enterprises and have vpn tunnels
and associated network peripherals and you have issues that can keep
consultants employed for some time...

This is a fairly unusual problem right now, but it won't be for long.

I'm not sure what your point is -- I took Keith's comment to mean that
home NATs with v6 were completely unacceptable.

I agree with you on the desirability of home routers, though it's going
to be an interesting challenge to build "fire and forget" boxes for the
house.  Of course, I'm the kind of guy who already has 3 (and sometimes
4) segments on my home LAN, so I suppose I really need home routers
that speak OSPF....

              --Steve Bellovin, http://www.cs.columbia.edu/~smb

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf

