North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Creating demand for IPv6

  • From: William Herrin
  • Date: Wed Oct 03 08:54:47 2007
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=EmMTxsu95aWtfehemwkRbdHng5CHpAT4wRMHY0JlvjU=; b=TFXw7zl3AyCEOMou0cJHgYYjX773xIiwUwt/NhLHi+tdg7VIpeRRi9PWdtDYK10yroAJt3eSBkvOJHGrDOGy55RXbLiyogfJHyohyeQzyZtuAY0cJRrv7P0+rsjpx3unU6PevgAkuKgAbBKh2Eqe1RfkE+A6wyMVg3XT12Um99c=
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=mmN1KZ/NL5EZKe8AwGicsQtC9F+3DQm9symGXR8DRmSDq3hSbWqw5KAVwFysfNKymqmngIidoMkXTvTiQpquS+c71NLpyqMFY3ZWzwACqlD2YpxaMg6EThsH138JMizrspYgc+5yl9y1iTXZijgS/XrWHjoBPZd4EZQWQPPtRmQ=

On 10/3/07, Mark Smith
<[email protected]> wrote:
> The value of network perimeterisation as a security measure, of which
> NAT is a method, is being questioned significantly by network security
> people.

Mark,

The discussion at hand is whether the absence of NAT creates a drag on
IPv6 deployment. and how much of a drag it creates. Your points about
the relative merits of NAT as a security mechanism are entirely
irrelevant to that discussion.


On 10/3/07, Iljitsch van Beijnum <[email protected]> wrote:
> On 3-okt-2007, at 5:20, William Herrin wrote:
> > 1. End the insanity of having software prefer IPv6 if available (AAAA
> > records over A records).
>
> Insanity?

Yes, Iljitsch, insanity.

Trying IPv6 first is asking folks to disable it on their PCs the
second or third time they can't get to a web site because the IPv6
path isn't working. Its also asking web site operators not to offer
IPv6 addresses in the first place so as not to inconvenience folks who
have Ipv6 turned on without a reliable connection.

That's counterproductive. We want people on both sides to turn it on
and leave it on.

We don't need every PC in the world to be a beta tester for our new
Internet. We do need them to turn it on.

Regards,
Bill


-- 
William D. Herrin                  [email protected]  [email protected]
3005 Crane Dr.                        Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004