[arin-discuss] Trying to Understand IPV6

Joel Jaeggli joelja at bogus.com
Tue Sep 14 23:13:57 EDT 2010


On 9/14/10 8:03 PM, Randy Carpenter wrote:
> 
> Everyone arguing that NAT is a good thing should have been involved a decade ago when it was decided that IPv6 was not going to have NAT.  The NAT argument is over.
> 
> I wish we would all stop arguing about these issues, and the hardware manufacturers would get some things on the market. We are running dangerously close to needing IPv6 for user expansion, and we have no way to deploy it.

you should look in the wireless router aisle at frys... the cpe you need
exists and it doesn't do nat66...
 
> -Randy
> 
> 
> ----- Original Message -----
>> On Sep 14, 2010, at 7:56 PM, Joe Maimon wrote:
>>
>>> SPI costs product development and support. SPI causes state table
>>> exhaustion issues for p2p and similar multitude of connections
>>> traffic. Port scanning through an SPI isnt any fun, as an example.
>>> SPI default deny creates support issues and product perception
>>> issues when end users believe or are told that they need to manually
>>> tune or turn it off.
>>>
>>> Is it not possible that "Turn off the firewall on your router" wont
>>> become part of the standard support script?
>>
>> SPI Default Deny saves frazzled IT staff lots of time and hair
>> follicles when the end user calls software vendor support themselves
>> instead of calling IT, they have local admin, and the support person
>> says "turn off the firewall on your machine." Yes, "turn off your home
>> firewall _will_ become part of the standard support script for
>> application support vendors (especially consumer apps) where the goal
>> typically is to "fix the problem," not worrying about the other
>> problems that it will create for other people down the line. Some
>> clever company will probably even write a little application that the
>> customer can run that will go out and use uPNP or some similar method
>> to do it for them.
>>
>> NAT is ugly, but completely open access will be uglier for the rest of
>> the Internet. Worm writers will find ways to optimize scanning local
>> and remote networks. Phishers will entice people to click on the shiny
>> thing and willingly infect their own box. Default deny in can help
>> mitigate the damage to those around them.
>>
>> --Chris
>>
>> _______________________________________________
>> ARIN-Discuss
>> You are receiving this message because you are subscribed to
>> the ARIN Discussion Mailing List (ARIN-discuss at arin.net).
>> Unsubscribe or manage your mailing list subscription at:
>> http://lists.arin.net/mailman/listinfo/arin-discuss
>> Please contact info at arin.net if you experience any issues.
> _______________________________________________
> ARIN-Discuss
> You are receiving this message because you are subscribed to
> the ARIN Discussion Mailing List (ARIN-discuss at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/arin-discuss
> Please contact info at arin.net if you experience any issues.
> 




More information about the ARIN-discuss mailing list