Mark Andrews wrote: > In message <498a3ca5.6060...@internode.com.au>, Matthew Moyle-Croft writes: >> Anthony Roberts wrote: >>> On Thu, 05 Feb 2009 11:08:44 +1030, Matthew Moyle-Croft >>> <m...@internode.com.au> wrote: >>> >>>> Let's face it - the current v6 assignment rules are to solve a 1990s set >>>> of problems. A /64 isn't needed now that we have DHCP(v6). >>>> >>> It's needed to prevent people from NATing in v6, as they'll still want >>> their stuff behind a firewall, and some of them will want subnets. >>> >> Why do we want to prevent people using NAT? If people choose to use >> NAT, then I have no issue with that. >> >> This anti-NAT zealotism is tiring and misplaced. > > NAT's break lots of things and increase the development > costs of every piece of network based software being written. > > If we could get a true accounting of the extra cost imposed > by NAT's I would say it would be in the trillions of dollars. > > NAT's are a necessary evil in IPv4. If every node that > currently communicates to something the other side of a NAT > was to have a global address then we would have already run > out of IPv4 addresses. > > NAT's are not a necessary evil in IPv6. Just stop being > scared to renumber. Addresses are not forever and when you > design for that renumbering get easier and easier. > > For everything else there are alternate solutions. >
Far too many people see NAT as synonymous with a firewall so they think if you take away their NAT you're taking away the security of a firewall. A *lot* of these problems we face are conceptual rather than technological. ~Seth
