[180498] in North American Network Operators' Group
Re: AWS Elastic IP architecture
daemon@ATHENA.MIT.EDU (Owen DeLong)
Fri Jun 5 07:17:16 2015
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAL9jLaYEBZfBJaY59n8=so6SyVRQYUtj5sGgK9TmCYtDMR0u0A@mail.gmail.com>
Date: Fri, 5 Jun 2015 12:11:28 +0100
To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On Jun 4, 2015, at 6:16 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
>
> On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong <owen@delong.com> wrote:
>> I’d argue that SSH is several thousand, not a few hundred. In any case, I suppose you can make the argument that only a few people are trying to access their home network resources remotely other than via some sort of proxy/rendezvous service. However, I would argue that such services exist solely to provide a workaround for the deficiencies in the network introduced by NAT. Get rid of the stupid NAT and you no longer need such services.
>
> This is an interesting argument/point, but if you remove the rendezvous
> service then how do you find the thing in your house? now the user has
> to manage DNS, or the service in question has to manage a dns entry
> for the customer, right?
DNS is pretty easy. There are dozens of free web-UI based DNS services out there. Some of them even run by registrars.
> you'll be moving the (some of the) pain from 'nat' to 'dns' (or more
> generally naming and identification). I think though that in a better
> world, a service related to the thing you want to prod from outside
> would manage this stuff for you.
I’m unconvinced. Perhaps I prefer to create an entry once vs. pay for some other service to do this and charge me on a monthly basis for a one-time action.
> It's important (I think) to not simplify the discussion as: "Oh, with
> ipv6 magic happens!" because there are still problems and design
> things to overcome even with unhindered end-to-end connectivity.
I made no attempt to declare that there was any magic with IPv6. Indeed, my claim is that less magic is required.
Owen