nanog mailing list archives

Re: Nat


From: Mike Hammett <nanog () ics-il net>
Date: Sun, 20 Dec 2015 21:15:48 -0600 (CST)

Most people couldn't care less and just want the Internet on their device to work. 




----- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

----- Original Message -----

From: "Keith Medcalf" <kmedcalf () dessus com> 
To: nanog () nanog org 
Sent: Sunday, December 20, 2015 9:11:53 PM 
Subject: RE: Nat 

I agree that a /48 or /56 being reserved for business customers/sites is reasonable. But for residential use, I'm having a hard time believing multi-subnet home networks are even remotely common outside of networking folk such as the NANOG members. A lot of recent IPv4 devices such as smart TVs have the ability to auto-discover things they can talk to on the network. If we start segmenting our home networks to keep toasters from talking to thermostats, doesn't this end up meaning your average home user will need to be proficient in writing FW rules? Bridging an entire house network isn't that bad.

I have (currently) 6 network segments. One for my "trusted" clients, one for my "trusted" servers, one for the 
"entertainment" systems, one for "dirty & untrustworthy" computers (such as those from $dayjob), one for "clean" WiFi, 
and one for dirty WiFi. If there were any additional classes of devices, they would live in their own subnets as well. 

I cannot habituation between classes of devices on the same network segment. Untrustworthy devices are relegated to 
their own segments where they cannot talk to anything that they ought not be talking to. Of course, your definition of 
"untrustworthy" may not be the same as mine. Any device over which I do not have supreme complete authority is 
untrustworthy -- which by definition includes most entertainment and other "Internet-of-Crap" devices. 






