Apparently you've missed the other threads about the "island" - the "island" is the place Geim is from - Great Britain, which makes up the majority of the land-area of the United Kingdom, so the guy meant that it would take all the money in the UK to fight the patents.
Although, having read your posts, I have a sneaking suspicion you're just having fun with people by being purposely obtuse.
Why doesn't "Great Britain" *geographically* encompass Wales, also - isn't it all one island? If GB is the name for the island, as opposed to any of the political entities that share the island, isn't Wales also part of that island?
The thing I don't get is why the 'big corporation' didn't go ahead and partner up with Geim so that the big corporation could use the patents against other big corporations? I mean, sure, if you just look at it as a game of inventor vs. big corp, the inventor is screwed. But there is more than one big corporation in the world - why wouldn't such a corp partner with a small inventor so that the big corp effectively controls the patent? Wouldn't that be cheaper than employing a hundred patent lawyers every day to fight the small inventor, and provide them protection against competitions from other big corps?
Laws might vary from country to country, but there's a couple things at play:
1) In the most basic sense, I think most patents expire after like 5 or 10 years, but you can renew it for another 10 years, or something like that. You can only renew a finite number of times, usually, for a total limit of 20 or 40 years or something.
2) You can also 'extend' the patent by creating 'new' patents that derive off the old patent - the pharmaceutical industry is particularly active with this sort - you start with say a basic pill. Then 5 years later, you get a patent for the same drug in a gel-cap formulation. Then 5 years later you get another patent for a chewable formulation, etc. So, you create a 'new' invention which is the old invention plus some slight improvement.
Or, you get a patent on a different way to mass-produce the product much more cheaply/efficiently, so that even though the product itself is no longer patented, you control the patent on the most superior way to produce the product, so that you have a significant competitive advantage vis-a-vis the competition.
Or you get individual patents on new applications of the old product, so that you are the only one who can use the product in the new application.
I don't get how you can put a soft-hyphen in a URL and have it work? It's a formatting character, it shouldn't ever be legal to have a formatting character as part of a URL? Are they registering domain-names with soft-hyphens in the name? Or is this a case where the browser 'helpfully' replaces a soft hyphen with a regular hyphen when actually trying to connect to the web server, but for some reason does NOT render they hyphen when displaying it to the user? It seems like the browser should behave consistently - if it doesn't render a hyphen when displaying it, it shouldn't render a hyphen when making the DNS lookup.
Well, at least some of their suggestions actually make sense, and if actually *implemented* correctly, will most likely save money. Consider the suggestion to allow citizens to enter/update their own info via a website. If millions of people are keying in their own data, that's a lot less Customer Service-type people you need to employ to get data from citizens and key it in on their behalf. I bet it also cuts down on data entry errors (and how much money does that ultimately cost the government), as you are probably more likely to type your own name and address in correctly than some CSR-data entry person.
My father is an engineer, and worked for a fairly well-known engineering company for a couple years while I was in junior high. The particular project he was working on was a contract for NASA, to build a new "Advanced Solid Rocket Motor" to lift the space shuttle. The project was started in the aftermath of the Challenger explosion, to design a safer (and I believe cheaper, also) lift system. The company contracted to do the job was, so far as I know, hitting all the milestones, and NASA was, I believe, pleased with the results, but just about the 11th hour, when they had all the designs finished, and most of the tooling built and setup at the manufacturing facility, and were about to start producing them - after a couple Billion had been spent on the project, it was *cancelled* so the contract could go to another company in a different state, and that state's Senator had just become the head of a committee or something, and used his position to mothball the ASRM project, and start up a different rocket motor project. 2 Billion+ dollars down the flusher, as quick as that.
What company would kill a $2 Billion+ project at the 11th hour when they are about to deliver product, and start all over spending 2 or 3 billion more to another company to produce a different but more-or-less equivalent product?
Private Jet for the CEO or US President (Air Force One), is one thing. Where the wastefulness comes in is that government (at all levels - local, state, federal), is very susceptible to things like contracts to purchase goods or services which are horrendously over-priced, because a well placed official or bureaucrat does something like awarding a no-bid contract to their friend, brother, son, daughter, wife.
While a lot of companies might overpay their VPs and CxOs, they are generally ruthlessly efficient when it comes to things like purchasing materials, finished goods, services, etc from other companies, and never overpaying.
Yes, when I read that I cringed. I know what that military guy is *trying* to say, but that's the type of poorly thought out statement which might easily become propaganda for the Taliban and al Qaeda.
"There are only 65536 port numbers, so there is only so thin that you can spread a single IP address."
But who says they have to do a one-to-many NAT? Why not have a pool of public addresses available for NAT. Say, 1 IP per every 50 customers, or even 1 per 25 customers? The point isn't necessarily that an ISP has to drop down to a single IP address for serving every single customer - but that instead of assigning 1 public IP per household/customer, they can get away with spreading it *thinner*.
So, they setup a carrier grade NAT to service a city with 10000 customers, and maybe they provision that NAT with a pool of 400 public IPv4 addresses.
I'm not saying that I think NAT is a great idea - I think it's gonna break a lot of stuff. I'm just saying that I think your argument might rest on a false assumption.
As for the DNS server - your ISP can setup a DNS server with a private address in the same network block as all it's customers. That is, on the 'inside' of the NAT, private addresses are routable. They can setup a DNS Server at address 10.0.0.4, for example, and anyone inside of the NAT'ed network who also has a 10.*.*.* address can communicate with the DNS server no problem.
Web servers, though (or any other server which needs to be reached by anyone on the Internet, will still continue to (for the most part), need public IP addresses, but I think the 'logic' of CGN goes: There are way, way more end-user devices than servers. If we can get enough end-users on CGN, we can free up a few hundred million, or a billion, public IP addresses for use by servers (which ought to be enough for a few years, anyhow).
Again, I still think it's a bad idea, but just addressing your questions.
Basically, yes. If you are on a carrier using NAT for their entire customer base, you don't get even one public IP address. But, tracking hackers will only be one problem (which might be able to be overcome through ISPs logging every Port Address Translation mapping they ever make - e.g. if you make an outbound connection through their NAT, that connection is assigned some unused port to act as the 'source' port for those packets. A remote server or website, if they log both the source IP address AND the source port of incoming connections, might be able to request the ISP to find out what internal address that source port was associated with at the instant of the hostile traffic).
Other problems will be a very widespread breakage of all sorts of apps that need to do any kind of communication directly to a host. I expect carrier-wide NAT will very adversely affect BitTorrent, Skype, VoIP programs (including the voice/video calling features in many popular Instant Messenging programs), direct file transfers, remote PC administration/access (things like VNC, PCAnywhere, Remote Desktop Protocol, etc).
Today, when using NAT on my home network, I can at least setup a port forward to give me some in-bound traffic capability. With Carrier-NAT, you won't control the router, so good luck getting any port forwards setup. And, oh yeah, only one computer per port on the entire ISP network can get a particular port forwarded to it (that is, act as the destination for that port number), so the carrier can't really offer port forwarding, even if they would be otherwise inclined to do it.
Carrier-level NAT is made of highly-enriched LOSE, wrapped in EPIC FAILURE.
Well, there's several ways to tackle this. Dome DSL/Cable modems allow you to 'bridge' the traffic - that is, bypass the internal IPv4 router that's built into the DSL/Cable Modem. When 'bridging', basically the modem takes an ethernet frame and transmits it over the cable/dsl connection to the DSLAM (or whatever the cable equivalent is), where the ethernet frame is read by the DSLAM and the tcp packet is further routed on the ISP network. So, let's say the ISP has enabled IPv6 routing on their network, but they aren't giving you a new Cable/DSL gateway with an IPv6 router. In that case, you could maybe set the modem to bridge the traffic, then use a different router you own which *does* support IPv6 to manage your network.
Barring that, you could use IPv6 tunneling over IPv4. I'm currently using the GoGo6 GoGoNet tunnel service to test out IPv6. There are a number of different tunnel brokers offering free tunnels. If your ISP does not natively route IPv6, but you can bridge the traffic to another router, some routers can setup an automatic IPv6 tunnel using IPv4 Anycast(like Apple Airport routers, and maybe a few others - there are some projects offering Linux-based replacement firmwares for some routers, and those replacement firmwares can be configured to this as well, I think). If you setup the tunnel on the router like that, chances are that most modern OSes will 'just work' with IPv6 after that - the router will advertise the network prefix, and the OSes will just append their MAC address onto the prefix to get a working globally routed IPv6 address.
If you can't get a tunnel on the router, you can do tunnels to individual computers (that GoGo6 tunnel I mentioned earlier is just configured on this one computer).
"The Planet" doesn't care whether we shit or pollute. Animals of one kind or another have been shitting all over the earth for what, a Billion years? Shit's just part of the planet. So is "Pollution". "The Planet" doesn't care about mercury, lead, sulfer dioxide, oil, or anything else - it's all part of the planet and has been part of the planet for Billions (or hundreds of millions, in the case of oil) years. "The Planet" doesn't care about Global Warming, Ozone Depletion, or anything else.
It is *we* who need to worry about our shit and pollution. It is we who will suffer (and other organic life) from pollutants, or from radioactive contamination or whatever. As far as "The Planet" is concerned, everything is "natural". Lead is natural, uranium is natural, oil is natural.
As I mentioned (I think) in my Journal article, the great thing about IPv6 is that any IPv4 address could be represented inside of an IPv6 'subnet'. So, different ISP's, or maybe even end-users can have their own entire 'IPv4-Internet-in-a-box', so to speak. Let's say your ISP gives you a/48 v6 network block (I believe that is actually the suggested standard from the spec - every user their own/48): you can have your own full IPv4 address space. So, you give your 'internal' network addresses 'public' addresses.
Ok, but those addresses aren't really public, right, because they are just inside your network? Well, it's easy to map from prefix::IPv4 address (as an IPv6 address), to the corresponding internal IPv4 address. So, let's say you allocate the for yourself the 1.1.1.0/24 network (and let's say your IPv6 network prefix is 0102:0304::). Well, it would be easy enough to have your IPv6 'gateway' router forward any incoming request with a destination address like 0102:0304::0101:0101 to the local 1.1.1.1 IPv4 address.
So in the scheme I'm proposing, either the end-users home network, or possibly the ISP's regional network, provides a complete set of public IPv6 addresses for all 'legacy' IPv4 hosts/applications by assigning the 'internal' hosts any of the approximately 4 Billion 'public' (in as much as those addresses are routable under IPv4 rules - something with an IPv4 private network address should probably never be routed, even if it technically could be by the router) IPv4 addresses.
This means every ISP has enough routable IPv4 addresses there's no longer any reason to 'hoard' them, or charge people $10/mo for a static IP (although, ISPs being who they are, I'm not holding my breath that Verizon, AT&T, & co. - the same people who want to kill net neutrality - won't try to screw the customer just because they can). Well, at least if they give me full IPv6 with a/48, I could potentially provision IPv4 static addresses for myself.
I don't know that this would necessarily deal with ALL transition problems, but I had an idea a couple years ago about how you might come up with a collection of transition technologies that work together to make the transition a bit easier, which I posted in my Journal:
In a nutshell, it seems to me that since the IPv6 address space is so large, you can have many, many hosts where the last 4 bytes of the address are all the same, as long as some part of the rest of the address is different. Seems like you could exploit this fact to give the same 'public' IPv4 addresses to different hosts on different networks (every network could have it's own/16,/8 or even it's own private complete IPv4 address space, internally). Between the Internal network and the IPv6 'public' Internet, you have a gateway which transparently hides the IPv6 details from IPv4 applications/devices. Some of the 'internal' IPv4 addresses would be used for local hosts on the networks, and some of them would be used to establish mappings to the 'real' IPv6 addresses. IPv4 applications could access IPv6 hosts either by making a dns request for the host by domain name (which would trigger the gateway to automatically setup a temporary mapping as discussed above), or if the host you want to contact does not have a 'real' domain name, a special dns entry which encodes the IPv6 address in the domain name, then is parsed by the dns server, which again triggers an automatic mapping between the IPv6 address and a local IPv4 address.
For connections the other direction (e.g. from an IPv6 host to IPv4), it really ridiculously easy - since the entire IPv4 address-space can fit in a subnet of an IPv6 network address, you can just form public IPv6 addresses of the form network-prefix:IPv4address (e.g. if your network prefix is 1234::5678, the IPv6 address of a machine whose 'internal' IPv4 address is 12.34.56.78, becomes 1234::5678:0C22:384E - 0C22:3844 is the hex equivalent of 12.34.56.78 - but users will generally not need to worry about that, as they'll usually be looking up hosts through either DNS, or by making connections through a service like an instant messenger client, bittorrent tracker, game server browser/matching system, etc, where they never even see the address, like the way things usually work nowadays with IPv4).
I've not really heard anyone else describe such a system, but I don't see why it's not possible?
There's a difference between, "Mac OS X does not have IPv6" and "Mac OS X does not support the new DHCPv6". The article implies that. BTW, it's not at all clear that DHCPv6 is an *integral* and necessary feature of IPv6. If Apple viewed it as a highly demanded feature from their customer base, it'd be in there tomorrow. They obviously don't think there's a rush to add DHCPv6 support.
As the article states, IPv6 was designed to mostly not need DHCP - the addition of it is, I believe, to satisfy the needs of some system administrators, and I'm sure that for those administrators, it's an integral and necessary feature, but for most users, perhaps it's not so much.
Maybe because we'd rather not antagonize a nuclear power who can also muster a 300-400 Million man army/navy/airforce if they need to, and, oh yeah, to whom we've outsourced 90% of our manufacturing (which they could, I'm sure, quickly turn to military production, just as the U.S. who, at the time, was a rising manufacturing power, turned our then-significant manufacturing capabilities towards becoming the "Arsenal of Democracy" during WWII)?
We hide behind our nukes, which is why we are in no position to really get rid of them, despite the dreams of Obama & Co., because if China decided to gear up for war, they can out-manufacture and out-muster us on about a 6-to-1 basis (or maybe more). Nukes, however, end up being sort of the great equalizer, in a way. Just as on an individual level, guns can make big strong men and smaller weaker men more-or-less equal, so do Nuclear Weapons between countries (so long as you have enough weapons to ensure MAD). Still, even if you've got a gun, there's no reason to bait a bear over something sort-of (relatively speaking) trivial.
I keep seeing people bring up this argument, but the problem is that 'lots and lots' JUST ISN'T. You might free up what, on the order-of-magnitude of 100 Million or so addresses? That still is NOT ENOUGH IP addresses to solve the problem. It might buy us a bit more time (perhaps a few years before address exhaustion really happens). We need Billions more addresses to really solve the problem, which you can't get through re-allocation of unused blocks.
As for companies selling off blocks, until the transition occurs, I'm sure you're right. Well, partly. It isn't gonna be $200/yr for a lease. Maybe $5,000 - 10,000/yr for a lease. Most likely, the price will be determined at auction, and I could see prices even going above $10,000yr per block. I fully expect the world to drag its collective feet in transitioning to IPv6, and IPv4 addresses becoming INSANELY EXPENSIVE as a result.
The silver lining here is that insanely expensive IP addresses gives a big incentive for the transition to IPv6 to begin - whereas right now (pre-exhaustion) most organizations see little benefit to an upgrade, as addresses become very expensive, there's suddenly a financial incentive to migrate.
As I said, on most networks (corporate or home), there will be another layer of firewall built into the gateway between the network and the ISP (the exception here might be 'public' WiFi networks such as hotels, coffee shops, restaraunts, bookstores, airports, etc, which is why I'd still want a 'crappy software firewall' on my machine - and that is no different between IPv4 and IPv6 - you want your own firewall on a computer that connects to 'untrusted' networks, or just don't connect to them, but for some people, that's not always an option).
Also, how does IPv6 prevent you from segmenting your network, separating traffic, limiting broadcast domains, etc? All those things are quite possible whether you use public addresses or private addresses, as long as you have routers/switches that support those things? I never said software firewalls were the answer for those problems, and while you may be able to use NAT to accomplish those things, you can accomplish all those things without NAT, and still have the benefits of public addresses, which you lose with NAT.
I don't know enough about Active Directory or ISA Server to be able to answer, but I'd be very surprised if they don't handle public IP addresses just fine. Any properly designed networking software shouldn't *care* what the IP addresses it serves are, you should just be able to configure it with the proper network config info, and it should just work. I'm pretty sure that at least *some* large organizations using Microsoft Server technologies (things like government agencies, the military, fortune 500 companies, etc) must be using 'public' network addresses (ok, wrt to the military, 'public' has a bit different definition in some cases, because they have an entire 'high-security Internet' of their own which is completely isolated from the public Internet, but still).
One point slipped my mind, and I realized right after hitting submit that I had forgotten to include it:
The reason I say it would be "better" if everyone had a public IP address is that it would make it much simpler for user-to-user direct communications (voice/video chat, remote backup to a friend or relative, games, file transfer, remote administration/tech support [e.g. I use VNC to assist my parents with computer problems, but had to setup port forwarding for that to work - but they have two computers, which complicates things since you can only port forward to one device, unless you use different port for each device], etc).
Yes, there are some 'wasted' IP addresses which could be reclaimed and re-allocated. However, given the scope of the problem, there's still not enough IP addresses for future growth. Reclaiming might buy us a few months or years, something like that, but in a world moving towards a population of 7 Billion people very soon, and probably 10 Billion within a few decades, reclaiming 500,000 addresses here and there doesn't really solve the problem.
Now, granted, a significant chunk of the world pop are too poor to have much in the way of computers or electronics - although I think cell phones are starting to get into the hands of populations previously considered 'too poor' to use them. Most of those, currently, might be 'dumbphones' that only do calls and texts, no Internet, but my point is, given the history of technology, it doesn't seem unreasonable to expect that smartphones will start becoming affordable for even very poor people within the next decade or two.
In the developed world, the expectation will be that someone might have at least one personal or work computer (and for a lot of people, both), plus a cell phone, and possibly even a netbook/tablet/pda/iPod.
So far, NAT has helped us limp along much longer than we otherwise would have, but it would really be better if everyone had public addresses with a proper firewall (which, most OSes have installed and activated by default these days, anyhow, and any DSL/CABLE/FIBER router *should* have built-in too) for security (for those worried that going from NAT to a Public address exposes you to greater risk of getting hacked/infected, a firewall should protect you the same amount as a NAT does).
Slashdot Mirror
Apparently you've missed the other threads about the "island" - the "island" is the place Geim is from - Great Britain, which makes up the majority of the land-area of the United Kingdom, so the guy meant that it would take all the money in the UK to fight the patents.
Although, having read your posts, I have a sneaking suspicion you're just having fun with people by being purposely obtuse.
Why doesn't "Great Britain" *geographically* encompass Wales, also - isn't it all one island? If GB is the name for the island, as opposed to any of the political entities that share the island, isn't Wales also part of that island?
The thing I don't get is why the 'big corporation' didn't go ahead and partner up with Geim so that the big corporation could use the patents against other big corporations? I mean, sure, if you just look at it as a game of inventor vs. big corp, the inventor is screwed. But there is more than one big corporation in the world - why wouldn't such a corp partner with a small inventor so that the big corp effectively controls the patent? Wouldn't that be cheaper than employing a hundred patent lawyers every day to fight the small inventor, and provide them protection against competitions from other big corps?
Oh, I totally agree. I was just making a point through a joke - I do actually have some friends, believe it or not.
Laws might vary from country to country, but there's a couple things at play:
1) In the most basic sense, I think most patents expire after like 5 or 10 years, but you can renew it for another 10 years, or something like that. You can only renew a finite number of times, usually, for a total limit of 20 or 40 years or something.
2) You can also 'extend' the patent by creating 'new' patents that derive off the old patent - the pharmaceutical industry is particularly active with this sort - you start with say a basic pill. Then 5 years later, you get a patent for the same drug in a gel-cap formulation. Then 5 years later you get another patent for a chewable formulation, etc. So, you create a 'new' invention which is the old invention plus some slight improvement.
Or, you get a patent on a different way to mass-produce the product much more cheaply/efficiently, so that even though the product itself is no longer patented, you control the patent on the most superior way to produce the product, so that you have a significant competitive advantage vis-a-vis the competition.
Or you get individual patents on new applications of the old product, so that you are the only one who can use the product in the new application.
. . . I knew not having any friends would pay off in the long run! Suckers!
I don't get how you can put a soft-hyphen in a URL and have it work? It's a formatting character, it shouldn't ever be legal to have a formatting character as part of a URL? Are they registering domain-names with soft-hyphens in the name? Or is this a case where the browser 'helpfully' replaces a soft hyphen with a regular hyphen when actually trying to connect to the web server, but for some reason does NOT render they hyphen when displaying it to the user? It seems like the browser should behave consistently - if it doesn't render a hyphen when displaying it, it shouldn't render a hyphen when making the DNS lookup.
Well, at least some of their suggestions actually make sense, and if actually *implemented* correctly, will most likely save money. Consider the suggestion to allow citizens to enter/update their own info via a website. If millions of people are keying in their own data, that's a lot less Customer Service-type people you need to employ to get data from citizens and key it in on their behalf. I bet it also cuts down on data entry errors (and how much money does that ultimately cost the government), as you are probably more likely to type your own name and address in correctly than some CSR-data entry person.
My father is an engineer, and worked for a fairly well-known engineering company for a couple years while I was in junior high. The particular project he was working on was a contract for NASA, to build a new "Advanced Solid Rocket Motor" to lift the space shuttle. The project was started in the aftermath of the Challenger explosion, to design a safer (and I believe cheaper, also) lift system. The company contracted to do the job was, so far as I know, hitting all the milestones, and NASA was, I believe, pleased with the results, but just about the 11th hour, when they had all the designs finished, and most of the tooling built and setup at the manufacturing facility, and were about to start producing them - after a couple Billion had been spent on the project, it was *cancelled* so the contract could go to another company in a different state, and that state's Senator had just become the head of a committee or something, and used his position to mothball the ASRM project, and start up a different rocket motor project. 2 Billion+ dollars down the flusher, as quick as that.
What company would kill a $2 Billion+ project at the 11th hour when they are about to deliver product, and start all over spending 2 or 3 billion more to another company to produce a different but more-or-less equivalent product?
That's government waste for you.
Private Jet for the CEO or US President (Air Force One), is one thing. Where the wastefulness comes in is that government (at all levels - local, state, federal), is very susceptible to things like contracts to purchase goods or services which are horrendously over-priced, because a well placed official or bureaucrat does something like awarding a no-bid contract to their friend, brother, son, daughter, wife.
While a lot of companies might overpay their VPs and CxOs, they are generally ruthlessly efficient when it comes to things like purchasing materials, finished goods, services, etc from other companies, and never overpaying.
"Cutting the deficit by 1 trillion dollars would save TEN TRILLION DOLLARS in ten years."
What, no interest on the debt? Cutting a trillion a year for 10 years would probably really save 15 trillion, once you account for interest charges.
Yes, when I read that I cringed. I know what that military guy is *trying* to say, but that's the type of poorly thought out statement which might easily become propaganda for the Taliban and al Qaeda.
"There are only 65536 port numbers, so there is only so thin that you can spread a single IP address."
But who says they have to do a one-to-many NAT? Why not have a pool of public addresses available for NAT. Say, 1 IP per every 50 customers, or even 1 per 25 customers? The point isn't necessarily that an ISP has to drop down to a single IP address for serving every single customer - but that instead of assigning 1 public IP per household/customer, they can get away with spreading it *thinner*.
So, they setup a carrier grade NAT to service a city with 10000 customers, and maybe they provision that NAT with a pool of 400 public IPv4 addresses.
I'm not saying that I think NAT is a great idea - I think it's gonna break a lot of stuff. I'm just saying that I think your argument might rest on a false assumption.
As for the DNS server - your ISP can setup a DNS server with a private address in the same network block as all it's customers. That is, on the 'inside' of the NAT, private addresses are routable. They can setup a DNS Server at address 10.0.0.4, for example, and anyone inside of the NAT'ed network who also has a 10.*.*.* address can communicate with the DNS server no problem.
Web servers, though (or any other server which needs to be reached by anyone on the Internet, will still continue to (for the most part), need public IP addresses, but I think the 'logic' of CGN goes: There are way, way more end-user devices than servers. If we can get enough end-users on CGN, we can free up a few hundred million, or a billion, public IP addresses for use by servers (which ought to be enough for a few years, anyhow).
Again, I still think it's a bad idea, but just addressing your questions.
Basically, yes. If you are on a carrier using NAT for their entire customer base, you don't get even one public IP address. But, tracking hackers will only be one problem (which might be able to be overcome through ISPs logging every Port Address Translation mapping they ever make - e.g. if you make an outbound connection through their NAT, that connection is assigned some unused port to act as the 'source' port for those packets. A remote server or website, if they log both the source IP address AND the source port of incoming connections, might be able to request the ISP to find out what internal address that source port was associated with at the instant of the hostile traffic).
Other problems will be a very widespread breakage of all sorts of apps that need to do any kind of communication directly to a host. I expect carrier-wide NAT will very adversely affect BitTorrent, Skype, VoIP programs (including the voice/video calling features in many popular Instant Messenging programs), direct file transfers, remote PC administration/access (things like VNC, PCAnywhere, Remote Desktop Protocol, etc).
Today, when using NAT on my home network, I can at least setup a port forward to give me some in-bound traffic capability. With Carrier-NAT, you won't control the router, so good luck getting any port forwards setup. And, oh yeah, only one computer per port on the entire ISP network can get a particular port forwarded to it (that is, act as the destination for that port number), so the carrier can't really offer port forwarding, even if they would be otherwise inclined to do it.
Carrier-level NAT is made of highly-enriched LOSE, wrapped in EPIC FAILURE.
Well, there's several ways to tackle this. Dome DSL/Cable modems allow you to 'bridge' the traffic - that is, bypass the internal IPv4 router that's built into the DSL/Cable Modem. When 'bridging', basically the modem takes an ethernet frame and transmits it over the cable/dsl connection to the DSLAM (or whatever the cable equivalent is), where the ethernet frame is read by the DSLAM and the tcp packet is further routed on the ISP network. So, let's say the ISP has enabled IPv6 routing on their network, but they aren't giving you a new Cable/DSL gateway with an IPv6 router. In that case, you could maybe set the modem to bridge the traffic, then use a different router you own which *does* support IPv6 to manage your network.
Barring that, you could use IPv6 tunneling over IPv4. I'm currently using the GoGo6 GoGoNet tunnel service to test out IPv6. There are a number of different tunnel brokers offering free tunnels. If your ISP does not natively route IPv6, but you can bridge the traffic to another router, some routers can setup an automatic IPv6 tunnel using IPv4 Anycast(like Apple Airport routers, and maybe a few others - there are some projects offering Linux-based replacement firmwares for some routers, and those replacement firmwares can be configured to this as well, I think). If you setup the tunnel on the router like that, chances are that most modern OSes will 'just work' with IPv6 after that - the router will advertise the network prefix, and the OSes will just append their MAC address onto the prefix to get a working globally routed IPv6 address.
If you can't get a tunnel on the router, you can do tunnels to individual computers (that GoGo6 tunnel I mentioned earlier is just configured on this one computer).
"The Planet" doesn't care whether we shit or pollute. Animals of one kind or another have been shitting all over the earth for what, a Billion years? Shit's just part of the planet. So is "Pollution". "The Planet" doesn't care about mercury, lead, sulfer dioxide, oil, or anything else - it's all part of the planet and has been part of the planet for Billions (or hundreds of millions, in the case of oil) years. "The Planet" doesn't care about Global Warming, Ozone Depletion, or anything else.
It is *we* who need to worry about our shit and pollution. It is we who will suffer (and other organic life) from pollutants, or from radioactive contamination or whatever. As far as "The Planet" is concerned, everything is "natural". Lead is natural, uranium is natural, oil is natural.
As I mentioned (I think) in my Journal article, the great thing about IPv6 is that any IPv4 address could be represented inside of an IPv6 'subnet'. So, different ISP's, or maybe even end-users can have their own entire 'IPv4-Internet-in-a-box', so to speak. Let's say your ISP gives you a /48 v6 network block (I believe that is actually the suggested standard from the spec - every user their own /48): you can have your own full IPv4 address space. So, you give your 'internal' network addresses 'public' addresses.
Ok, but those addresses aren't really public, right, because they are just inside your network? Well, it's easy to map from prefix::IPv4 address (as an IPv6 address), to the corresponding internal IPv4 address. So, let's say you allocate the for yourself the 1.1.1.0/24 network (and let's say your IPv6 network prefix is 0102:0304::). Well, it would be easy enough to have your IPv6 'gateway' router forward any incoming request with a destination address like 0102:0304::0101:0101 to the local 1.1.1.1 IPv4 address.
So in the scheme I'm proposing, either the end-users home network, or possibly the ISP's regional network, provides a complete set of public IPv6 addresses for all 'legacy' IPv4 hosts/applications by assigning the 'internal' hosts any of the approximately 4 Billion 'public' (in as much as those addresses are routable under IPv4 rules - something with an IPv4 private network address should probably never be routed, even if it technically could be by the router) IPv4 addresses.
This means every ISP has enough routable IPv4 addresses there's no longer any reason to 'hoard' them, or charge people $10/mo for a static IP (although, ISPs being who they are, I'm not holding my breath that Verizon, AT&T, & co. - the same people who want to kill net neutrality - won't try to screw the customer just because they can). Well, at least if they give me full IPv6 with a /48, I could potentially provision IPv4 static addresses for myself.
goatse, tubgirl, etc?
I can't imagine they could possibly protect you from every possible. . . undesirable thing that someone might create a shortened link to.
I don't know that this would necessarily deal with ALL transition problems, but I had an idea a couple years ago about how you might come up with a collection of transition technologies that work together to make the transition a bit easier, which I posted in my Journal:
http://slashdot.org/journal/215899/A-NAT-DHCP-amp-DNS-Based-approach-to-IPv6-transition
In a nutshell, it seems to me that since the IPv6 address space is so large, you can have many, many hosts where the last 4 bytes of the address are all the same, as long as some part of the rest of the address is different. Seems like you could exploit this fact to give the same 'public' IPv4 addresses to different hosts on different networks (every network could have it's own /16, /8 or even it's own private complete IPv4 address space, internally). Between the Internal network and the IPv6 'public' Internet, you have a gateway which transparently hides the IPv6 details from IPv4 applications/devices. Some of the 'internal' IPv4 addresses would be used for local hosts on the networks, and some of them would be used to establish mappings to the 'real' IPv6 addresses. IPv4 applications could access IPv6 hosts either by making a dns request for the host by domain name (which would trigger the gateway to automatically setup a temporary mapping as discussed above), or if the host you want to contact does not have a 'real' domain name, a special dns entry which encodes the IPv6 address in the domain name, then is parsed by the dns server, which again triggers an automatic mapping between the IPv6 address and a local IPv4 address.
For connections the other direction (e.g. from an IPv6 host to IPv4), it really ridiculously easy - since the entire IPv4 address-space can fit in a subnet of an IPv6 network address, you can just form public IPv6 addresses of the form network-prefix:IPv4address (e.g. if your network prefix is 1234::5678, the IPv6 address of a machine whose 'internal' IPv4 address is 12.34.56.78, becomes 1234::5678:0C22:384E - 0C22:3844 is the hex equivalent of 12.34.56.78 - but users will generally not need to worry about that, as they'll usually be looking up hosts through either DNS, or by making connections through a service like an instant messenger client, bittorrent tracker, game server browser/matching system, etc, where they never even see the address, like the way things usually work nowadays with IPv4).
I've not really heard anyone else describe such a system, but I don't see why it's not possible?
There's a difference between, "Mac OS X does not have IPv6" and "Mac OS X does not support the new DHCPv6". The article implies that. BTW, it's not at all clear that DHCPv6 is an *integral* and necessary feature of IPv6. If Apple viewed it as a highly demanded feature from their customer base, it'd be in there tomorrow. They obviously don't think there's a rush to add DHCPv6 support.
As the article states, IPv6 was designed to mostly not need DHCP - the addition of it is, I believe, to satisfy the needs of some system administrators, and I'm sure that for those administrators, it's an integral and necessary feature, but for most users, perhaps it's not so much.
Maybe because we'd rather not antagonize a nuclear power who can also muster a 300-400 Million man army/navy/airforce if they need to, and, oh yeah, to whom we've outsourced 90% of our manufacturing (which they could, I'm sure, quickly turn to military production, just as the U.S. who, at the time, was a rising manufacturing power, turned our then-significant manufacturing capabilities towards becoming the "Arsenal of Democracy" during WWII)?
We hide behind our nukes, which is why we are in no position to really get rid of them, despite the dreams of Obama & Co., because if China decided to gear up for war, they can out-manufacture and out-muster us on about a 6-to-1 basis (or maybe more). Nukes, however, end up being sort of the great equalizer, in a way. Just as on an individual level, guns can make big strong men and smaller weaker men more-or-less equal, so do Nuclear Weapons between countries (so long as you have enough weapons to ensure MAD). Still, even if you've got a gun, there's no reason to bait a bear over something sort-of (relatively speaking) trivial.
I keep seeing people bring up this argument, but the problem is that 'lots and lots' JUST ISN'T. You might free up what, on the order-of-magnitude of 100 Million or so addresses? That still is NOT ENOUGH IP addresses to solve the problem. It might buy us a bit more time (perhaps a few years before address exhaustion really happens). We need Billions more addresses to really solve the problem, which you can't get through re-allocation of unused blocks.
As for companies selling off blocks, until the transition occurs, I'm sure you're right. Well, partly. It isn't gonna be $200/yr for a lease. Maybe $5,000 - 10,000/yr for a lease. Most likely, the price will be determined at auction, and I could see prices even going above $10,000yr per block. I fully expect the world to drag its collective feet in transitioning to IPv6, and IPv4 addresses becoming INSANELY EXPENSIVE as a result.
The silver lining here is that insanely expensive IP addresses gives a big incentive for the transition to IPv6 to begin - whereas right now (pre-exhaustion) most organizations see little benefit to an upgrade, as addresses become very expensive, there's suddenly a financial incentive to migrate.
As I said, on most networks (corporate or home), there will be another layer of firewall built into the gateway between the network and the ISP (the exception here might be 'public' WiFi networks such as hotels, coffee shops, restaraunts, bookstores, airports, etc, which is why I'd still want a 'crappy software firewall' on my machine - and that is no different between IPv4 and IPv6 - you want your own firewall on a computer that connects to 'untrusted' networks, or just don't connect to them, but for some people, that's not always an option).
Also, how does IPv6 prevent you from segmenting your network, separating traffic, limiting broadcast domains, etc? All those things are quite possible whether you use public addresses or private addresses, as long as you have routers/switches that support those things? I never said software firewalls were the answer for those problems, and while you may be able to use NAT to accomplish those things, you can accomplish all those things without NAT, and still have the benefits of public addresses, which you lose with NAT.
I don't know enough about Active Directory or ISA Server to be able to answer, but I'd be very surprised if they don't handle public IP addresses just fine. Any properly designed networking software shouldn't *care* what the IP addresses it serves are, you should just be able to configure it with the proper network config info, and it should just work. I'm pretty sure that at least *some* large organizations using Microsoft Server technologies (things like government agencies, the military, fortune 500 companies, etc) must be using 'public' network addresses (ok, wrt to the military, 'public' has a bit different definition in some cases, because they have an entire 'high-security Internet' of their own which is completely isolated from the public Internet, but still).
One point slipped my mind, and I realized right after hitting submit that I had forgotten to include it:
The reason I say it would be "better" if everyone had a public IP address is that it would make it much simpler for user-to-user direct communications (voice/video chat, remote backup to a friend or relative, games, file transfer, remote administration/tech support [e.g. I use VNC to assist my parents with computer problems, but had to setup port forwarding for that to work - but they have two computers, which complicates things since you can only port forward to one device, unless you use different port for each device], etc).
Yes, there are some 'wasted' IP addresses which could be reclaimed and re-allocated. However, given the scope of the problem, there's still not enough IP addresses for future growth. Reclaiming might buy us a few months or years, something like that, but in a world moving towards a population of 7 Billion people very soon, and probably 10 Billion within a few decades, reclaiming 500,000 addresses here and there doesn't really solve the problem.
Now, granted, a significant chunk of the world pop are too poor to have much in the way of computers or electronics - although I think cell phones are starting to get into the hands of populations previously considered 'too poor' to use them. Most of those, currently, might be 'dumbphones' that only do calls and texts, no Internet, but my point is, given the history of technology, it doesn't seem unreasonable to expect that smartphones will start becoming affordable for even very poor people within the next decade or two.
In the developed world, the expectation will be that someone might have at least one personal or work computer (and for a lot of people, both), plus a cell phone, and possibly even a netbook/tablet/pda/iPod.
So far, NAT has helped us limp along much longer than we otherwise would have, but it would really be better if everyone had public addresses with a proper firewall (which, most OSes have installed and activated by default these days, anyhow, and any DSL/CABLE/FIBER router *should* have built-in too) for security (for those worried that going from NAT to a Public address exposes you to greater risk of getting hacked/infected, a firewall should protect you the same amount as a NAT does).