[190418] in North American Network Operators' Group
Re: IPv6 deployment excuses
daemon@ATHENA.MIT.EDU (Masataka Ohta)
Mon Jul 4 05:41:14 2016
X-Original-To: nanog@nanog.org
To: Jared Mauch <jared@puck.nether.net>
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Date: Mon, 4 Jul 2016 18:41:00 +0900
In-Reply-To: <C352698F-3520-4405-86B7-6150815352A7@puck.nether.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
Jared Mauch wrote:
> Actually they are not that great. Look at the DDoS mess that UPnP has
> created and problems for IoT (I call it Internet of trash, as most
> devices are poorly implemented without safety in mind) folks on all
> sides.
Are you saying, without NAT or something like that to restrict
reachable ports, the Internet, regardless of whether it is with
IPv4 or IPv6, is not very secure?
With end to end NAT, you can still configure your UPnP capable NAT
boxes to restrict port forwarding.
> The fact that I go to a hotel and that AT&T mobility have limited
> internet reach is a technology problem that we all must work to fix.
Want to run a server at the hotel?
IP mobility helps you, if you have a home agent at your home and
you can use IP over UDP/TCP over IP as mobility tunnel.
Masataka Ohta
>
>
> Jared Mauch
>
>> On Jul 1, 2016, at 11:49 PM, Masataka Ohta
>> <mohta@necom830.hpcl.titech.ac.jp> wrote:
>>
>> And, to applications running over TCP/UDP, UPnP capable legacy NATs
>> are transparent, if host TCP/UDP are modified to perform reverse
>> NAT, information to do so is provided by UPnP.
>
>
>
