Firewall Wizards mailing list archives
Re: Rant (Was Re: Our friend FTP, again)
From: Janos Mohacsi <mohacsi () iit bme hu>
Date: Tue, 20 Apr 1999 13:36:54 +0200 (MET DST)
On Tue, 20 Apr 1999 ark () eltex ru wrote:
Date: Tue, 20 Apr 1999 13:14:30 +0400 From: ark () eltex ru To: mohacsi () iit bme hu Cc: dleblanc () mindspring com, firewall-wizards () nfr net Subject: Re: Rant (Was Re: Our friend FTP, again) -----BEGIN PGP SIGNED MESSAGE----- nuqneH, Janos Mohacsi <mohacsi () iit bme hu> said :I am sure that IPv6 will be deployed in 1-2 years, because of shortage of IP address base in Asia, and Europe. US will lag behind of them: enough IPv4 addresses. But If you get IPSec with IPv6 why you will not buy IPv6 ready/compliant system.... IPv6/IPsec combination are quite mature from several vendors.Hell, i am pretty sure IPv4 address shortage is pure administrative problem, not a technical one. Seen too much of "we have a research lab with ~100 workstations so we need C network" :-E~~ (actually they need 3: one for firewall and 2 for public servers) I can't believe ipv4 address space is not enough for all hosts that actually need true routable address.
I am sure it may be tecnical too and economical. Scenario1: NAT box NAT box (firewall) A $ Administrative task to maintain workstations B $ Modify applications to use NAT/firewall C $ Use existing IPv4 0 $ Scenario2: IPv6 Get IPv6 compliant router or router software ~ A $ Administrative task to maintain workstations << B $ Modify applications to use IPv6 > C $ Use existing IPv6 0 $ Porting a well written program to Pv6 is very easy. Other economical factors: Router table of backbone routers with NAT will be very confusing and very big... -> Routing slow down.... With IPv6 plus: 1. Everybody can have routable address -> Easier global local connection -> If you need multimedia capability NAT wont be your bottleneck. 2. IPSec 3. Multimedia capability built in. etc...
If we find a way to get those addresses back from _abusers_ (sic!) then we don't have to spend time and money migrating to v6.
So you advocate renumbering... Did youe ever tried IPv4 renumbering? It is a nightmare. It is much more easier with IPv6 (built in capability...) What do you think of the the different mobile devices, intelligent cars ,refrigerators, intelligent houses. Do they need IP address ? Certainly yes. How would you access your own house devices without IPv6? With NAT? How much adresses do you need? NATs are only a partial sollutions. With NAT we can have 2^32 (Address part)*2^16 (port part) addresses: 281474976710656 but efficiency of allocation hardly can be between 0.22 and 0.26. The efficiency can be approximately: 0.26 (Address part) * 0.01 (Port part). Port part is quite optimistic that means that we can serve 600 client from one address... So the total end system with NAT appriximatley: 73 000*10^6. To compare: The total population of USA is: 267*10^6 But total population of China is: 1221*10^6 Probably we have enough IP numbers with 128 bits... Janos Mohacsi
Current thread:
- Re: Rant (Was Re: Our friend FTP, again) Bill_Royds (Apr 17)
- <Possible follow-ups>
- RE: Rant (Was Re: Our friend FTP, again) Russ (Apr 17)
- Re: Rant (Was Re: Our friend FTP, again) Ryan Russell (Apr 17)
- Re: Rant (Was Re: Our friend FTP, again) David LeBlanc (Apr 18)
- Re: Rant (Was Re: Our friend FTP, again) Janos Mohacsi (Apr 19)
- Re: Rant (Was Re: Our friend FTP, again) Ge' Weijers (Apr 20)
- Re: Rant (Was Re: Our friend FTP, again) David LeBlanc (Apr 20)
- Re: Rant (Was Re: Our friend FTP, again) David Bonn (Apr 20)
- Re: Rant (Was Re: Our friend FTP, again) David LeBlanc (Apr 18)
- Re: Rant (Was Re: Our friend FTP, again) ark (Apr 20)
- Re: Rant (Was Re: Our friend FTP, again) Janos Mohacsi (Apr 20)