On 23/11/2012, at 1:18 PM, Ted Lemon <ted.le...@nominum.com> wrote: > On Nov 22, 2012, at 8:46 PM, John Levine <jo...@taugh.com> wrote: >> PS: If you were planning to say that with the magic of IPv6, everyone will >> be able to run servers on their home cable connection, don't bother. > > Why not? >
Because the lack of public IPv4 was only an *excuse* for blocking this functionality: ISPs in the main don't want you to equalise traffic coming from their CAN network out to the world, they didn't build with that model in mind. One can even invert the sentence a bit: they made assumptions about the traffic asymmetries in the world and built to take advantage of them. OTOH, if you want to say "with the magic of IPv6, servers in the home are now at least possibly simpler" I am there. I know, because I've used some, to great effect. (I hated setting up NAT inbound rules to one, and only one internal IP. with IPv6, I have to open an ACL inbound, but having said I want port 22 SSH to work, I can now get to all my home nodes. Internode IPv6 native on ADSL2+) Of course, you still hit ISP level ACLs. there are a bunch of simplistic portblocks they do, on the basis that it felt right at the time, and if it was good enough then, it must still be good now. Port 25 for instance, inbound, to their CAN numbered space can be "hard" -G _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
