Re: Creating demand for IPv6

["William Herrin" <herrin-nanog () dirtside com>]

On 10/3/07, Mark Smith
<nanog () 85d5b20a518b8f6864949bd940457dc124746ddc nosense org> wrote:
> The value of network perimeterisation as a security measure, of which
> NAT is a method, is being questioned significantly by network security
> people.

Mark,

The discussion at hand is whether the absence of NAT creates a drag on
IPv6 deployment. and how much of a drag it creates. Your points about
the relative merits of NAT as a security mechanism are entirely
irrelevant to that discussion.


On 10/3/07, Iljitsch van Beijnum <iljitsch () muada com> wrote:
> On 3-okt-2007, at 5:20, William Herrin wrote:
> > 1. End the insanity of having software prefer IPv6 if available (AAAA
> > records over A records).
>
> Insanity?

Yes, Iljitsch, insanity.

Trying IPv6 first is asking folks to disable it on their PCs the
second or third time they can't get to a web site because the IPv6
path isn't working. Its also asking web site operators not to offer
IPv6 addresses in the first place so as not to inconvenience folks who
have Ipv6 turned on without a reliable connection.

That's counterproductive. We want people on both sides to turn it on
and leave it on.

We don't need every PC in the world to be a beta tester for our new
Internet. We do need them to turn it on.

Regards,
Bill


-- 
William D. Herrin                  herrin () dirtside com  bill () herrin us
3005 Crane Dr.                        Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004