3½" diskettes were never referred to as a hard disk, like their 5 1/4 counterparts they were referred to as floppies. Named after the internal magnetic medium, not the casing.
Right... But I'm lucky to still have one public IP let alone another. End users can barely get IPs. What few you get have to go through hassles of justification and extra fees. I think I'd rather live in a world where it's common place to just hand people a swath of IPs.
So you're cool with the Internet being forever limited to cat videos? The applications for the Internet were unforeseen. It changed the world in ways nobody could predict. IPv6 will pave the way for new applications in a way just as significant... But you can't see past today's furry thrills.
No my argument would be the equivalent of being against penicillin curing your infection but causing you to lose a leg... We have a better cure witbout the drawback.
Sorry, RFC-4941. Fat fingers....and I don't think we should design the internet with the most basic web surfing home user in mind. IPv6 will support everyones needs. IPv4 supports only the most trivial.
Right now - quite a bit - there are all sorts of mechanism that have to be worked around. Every spend any time troubleshooting SIP? Do you know why nobody does direct media?
Ever wonder why file transfers in instant messaging apps either work intermittently or perform slowly?
Ever see the layers of complexity we've built to do our best to work around such issues: STUN, UPNP, NAT-PT, ICE, ALGs... It's layers upon layers of cruft....and we haven't even gotten to the real horror of so called "carrier-grade" NAT yet... Eg) NAT behind NAT.
The prospects are awful.
The fact anything works at all is a testament to... something......but it is not a solid solution. It was a stop-gap measure that should have been discarded long away.
Without NAT, you're still hitting the stateful firewall and default deny rule at the edge of my network... Most home routers should default to this sort of behaviour.
The difference is, I can open up as many ports as I need with no limitations. None of this crap with forwarding port 80 to one box and then... Oh, I need another web server... Hmm. 8080? Other random / arbitrarily selected ports? That sucks! It's broken.
The IPs I'm leaving in web server logs are also throw-away addresses - read up RFC-4961.
NAT has no security benefits. NAT's sole purpose is address scarcity. Firewalls are for firewalling. NAT is for breaking the pre-IPv6 internet out of necessity.
My home subnet is 2610:1e8:800:101::/64. Go ahead and tell me how many machines are in there...
I originally purchased iWork '09 via boxed media... When the App Store started distributing the individual apps, I preferred this for the convenience of downloading vs inserting a disc like a caveman.
Eventually I ended up re-purchasing Pages and Numbers for this convenience but have not forked over the dollars for Keynote as of yet... With this recent change, I dusted off my iWork disc and made the leap to the App Store version of Keynote for free.
It's always refreshing when paying customers aren't assumed to be thieves.
I have end-to-end connectivity between home, work, family members networks, everywhere I have v6. My networks, my firewalls, my rules!
Yes, stateful firewalls that block everything inbound that wasn't setup from the inside are a completely sane default. Unlike NAT we get to choose what traffic we DO allow - even if we have more than one host that needs the same port. Why is this bad?
If the new devices don't pick up a new prefix - they're broken devices. Would you keep a device that kept its IPv4 address for longer than its DHCP lease term?
Renumbering into a new prefix is way easier than re-numbering into a new IPv4 subnet. All my suffixes stay the same, learn the new prefix and you're done.
Multicast DNS doesn't just move the problem 'somewhere else' it moves it from one or more centralized places that can fail to a distributed model. Every host responds to requests for its own name - no infrastructure required. Bliss.
I agree, layers of complexity suck, that's why I don't want NAT behind NAT connecting to someone else's layers of NAT. End to end connectivity is a huge win, if that means slightly larger address space - that's well worth it. I also look forward to "What's your IP address?" having a meaningful answer, again, less complexity.
The above aside, your argument about raw addresses is barely even valid... I've memorized my important addresses. My old colocation address was 2610:78:ad::1 - easier to remember than an IPv4 addresses. My current prefix 2610:1e8:800:100::/56 isn't all that much harder. If you rely on autoconf addresses you can even determine the IP is based on the MAC and prefix - all without a DHCP service.
The future rocks, let go of your decrepit IPv4 stack and learn something new.
Slashdot Mirror
Tokenization to protect your card from vendors and requires your fingerprint for security vs tap which requires nothing but the card.
Home Depot and Target can't lose the credit card info you never gave them.
That's a very nice step forward.
3½" diskettes were never referred to as a hard disk, like their 5 1/4 counterparts they were referred to as floppies. Named after the internal magnetic medium, not the casing.
Right... But I'm lucky to still have one public IP let alone another. End users can barely get IPs. What few you get have to go through hassles of justification and extra fees. I think I'd rather live in a world where it's common place to just hand people a swath of IPs.
I do believe it's required for VoLTE - which is effectively SIP and IPv6 if I'm not mistaken.
In spite of that... Still no sign of IPv6 over LTE on Rogers - even though my devices support it...
The ones we can't build on our 1980s protocol.
True, but I hope to see a proper multihoming standard. Prefix translation is ugly.
So you're cool with the Internet being forever limited to cat videos? The applications for the Internet were unforeseen. It changed the world in ways nobody could predict. IPv6 will pave the way for new applications in a way just as significant... But you can't see past today's furry thrills.
No my argument would be the equivalent of being against penicillin curing your infection but causing you to lose a leg... We have a better cure witbout the drawback.
Yes, the WEB works GREAT... I also use THE REST OF THE INTERNET.
IPv6 uses HEX: 2A
NAT was a direct response to address constraints. If it wasn't broken CGN would be the way forward.
Sorry, RFC-4941. Fat fingers. ...and I don't think we should design the internet with the most basic web surfing home user in mind. IPv6 will support everyones needs. IPv4 supports only the most trivial.
I'm actually at the point where I sadly suspect I'll see IPv6 over LTE on my mobile devices before I see it at home via my ISP.
Right now - quite a bit - there are all sorts of mechanism that have to be worked around. Every spend any time troubleshooting SIP? Do you know why nobody does direct media?
Ever wonder why file transfers in instant messaging apps either work intermittently or perform slowly?
Ever see the layers of complexity we've built to do our best to work around such issues: STUN, UPNP, NAT-PT, ICE, ALGs... It's layers upon layers of cruft. ...and we haven't even gotten to the real horror of so called "carrier-grade" NAT yet... Eg) NAT behind NAT.
The prospects are awful.
The fact anything works at all is a testament to... something... ...but it is not a solid solution. It was a stop-gap measure that should have been discarded long away.
No, it's not a security benefit. It was not designed as such and it shows.
If it was, it wouldn't allow holes to be arbitrarily punched through by NAT-PMP, UPNP and other traversal mechanisms.
If you're relying on NAT for security, you're doing it wrong.
My source of sadness for years. I whine about this regularly. I know of no Canadian ISP doing proper native IPv6... Instead I have to rely on tunnels.
I was chatting with TekSavvy but they only provide a single /64 - I would like more than one subnet.
They're also only doing it no their DSL services which are substantially slower than I can get from Shaw.
It seems my only option is to hurry up and wait longer.
That's not a security benefit of NAT, that's a quirky side effect that would be better replaced with a proper stateful firewall.
Without NAT, you're still hitting the stateful firewall and default deny rule at the edge of my network... Most home routers should default to this sort of behaviour.
The difference is, I can open up as many ports as I need with no limitations. None of this crap with forwarding port 80 to one box and then... Oh, I need another web server... Hmm. 8080? Other random / arbitrarily selected ports? That sucks! It's broken.
The IPs I'm leaving in web server logs are also throw-away addresses - read up RFC-4961.
NAT has no security benefits. NAT's sole purpose is address scarcity. Firewalls are for firewalling. NAT is for breaking the pre-IPv6 internet out of necessity.
My home subnet is 2610:1e8:800:101::/64. Go ahead and tell me how many machines are in there...
I'll wait.
Absence of NAT is a feature! If not THE feature of IPv6!
I originally purchased iWork '09 via boxed media... When the App Store started distributing the individual apps, I preferred this for the convenience of downloading vs inserting a disc like a caveman.
Eventually I ended up re-purchasing Pages and Numbers for this convenience but have not forked over the dollars for Keynote as of yet... With this recent change, I dusted off my iWork disc and made the leap to the App Store version of Keynote for free.
It's always refreshing when paying customers aren't assumed to be thieves.
I have end-to-end connectivity between home, work, family members networks, everywhere I have v6. My networks, my firewalls, my rules!
Yes, stateful firewalls that block everything inbound that wasn't setup from the inside are a completely sane default. Unlike NAT we get to choose what traffic we DO allow - even if we have more than one host that needs the same port. Why is this bad?
If the new devices don't pick up a new prefix - they're broken devices. Would you keep a device that kept its IPv4 address for longer than its DHCP lease term?
Renumbering into a new prefix is way easier than re-numbering into a new IPv4 subnet. All my suffixes stay the same, learn the new prefix and you're done.
NAT is a kludge. It needs to die.
Multicast DNS doesn't just move the problem 'somewhere else' it moves it from one or more centralized places that can fail to a distributed model. Every host responds to requests for its own name - no infrastructure required. Bliss.
I agree, layers of complexity suck, that's why I don't want NAT behind NAT connecting to someone else's layers of NAT. End to end connectivity is a huge win, if that means slightly larger address space - that's well worth it. I also look forward to "What's your IP address?" having a meaningful answer, again, less complexity.
The above aside, your argument about raw addresses is barely even valid... I've memorized my important addresses. My old colocation address was 2610:78:ad::1 - easier to remember than an IPv4 addresses. My current prefix 2610:1e8:800:100::/56 isn't all that much harder. If you rely on autoconf addresses you can even determine the IP is based on the MAC and prefix - all without a DHCP service.
The future rocks, let go of your decrepit IPv4 stack and learn something new.
Multicast DNS for the win.
Don't you have to be a bottom feeding shell corporation with no actual products to be a patent troll?
Not sure Apple fit this definition at any stage of it's history.