Tripp Lilley <tlilley at perspex.com> writes:

> Mine is not a stand in favor of NATs, let me get that out first :-)
> However, the arguments against NATs in the home all center around
> end-to-end connectivity to various devices in the home (light bulbs,
> toasters, VCRs, thermostats, etc).
>
> Is this really the "right" model for that sort of interaction?

Yes. I don't want to invent fifteen thousand different protocols to
handle things. IP already does what I need most of the time.

> I don't think NATs are architecturally "correct", but I think they're
> teaching us an important lesson about the (initially valid) assumptions
> about end to end connectivity. Even after we eradicate NATs through
> wholesale migration to v6 (optimist hat on), the paranoid will still
> deploy ALGs on their firewalls to mediate access to those globally
> routable lightbulb and security camera addresses.

I'm not sure that's the right model, actually. IP addresses are too
easy to forge. The right way to stop people from doing that sort of
thing is to deploy end to end security protocols that strongly
authenticate both ends.

Perry

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.