[125745] in North American Network Operators' Group
Re: Rate of growth on IPv6 not fast enough?
daemon@ATHENA.MIT.EDU (Mohacsi Janos)
Thu Apr 22 09:38:03 2010
Date: Thu, 22 Apr 2010 15:37:19 +0200 (CEST)
From: Mohacsi Janos <mohacsi@niif.hu>
To: William Herrin <bill@herrin.us>
In-Reply-To: <j2m3c3e3fca1004220418sb1d0e1adm322cb3ec0a9c844c@mail.gmail.com>
Cc: Roger Marquis <marquis@roble.com>, nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--0-1541434839-1271943439=:73665
Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8BIT
On Thu, 22 Apr 2010, William Herrin wrote:
> On Wed, Apr 21, 2010 at 11:31 PM, Owen DeLong <owen@delong.com> wrote:
>> On Apr 21, 2010, at 3:26 PM, Roger Marquis wrote:
>>> William Herrin wrote:
>>>>> Not to take issue with either statement in particular, but I think there
>>>>> needs to be some consideration of what "fail" means.
>>>>
>>>> Fail means that an inexperienced admin drops a router in place of the
>>>> firewall to work around a priority problem while the senior engineer
>>>> is on vacation. With NAT protecting unroutable addresses, that failure
>>>> mode fails closed.
>>>
>>> In addition to fail-closed NAT also means:
>>>
>>> * search engines and and connectivity providers cannot (easily)
>>> differentiate and/or monitor your internal hosts, and
>>>
>> Right, because nobody has figured out Javascript and Cookies.
>
> Having worked for comScore, I can tell you that having a fixed address
> in the lower 64 bits would make their jobs oh so much easier. Cookies
> and javascript are of very limited utility.
>
> On the other hand, I could swear I've seen a draft where the PC picks
> up random unused addresses in the lower 64 for each new outbound
> connection for anonymity purposes. Even if there is no such draft, it
> wouldn't exactly be hard to implement. It won't take NAT to anonymize
> the PCs on a LAN with IPv6.
See RFC 4941: Privacy Extensions for Stateless Address Autoconfiguration
in IPv6.
Regards,
Janos Mohacsi
--0-1541434839-1271943439=:73665--
