Last Chance Rush -- was "Five Security Flaws in IPv6"

[Tim Chown]

On Sun, May 13, 2007 at 10:42:25AM -0700, David Conrad wrote:
> On May 12, 2007, at 12:50 AM, Mohacsi Janos wrote:
> >Does not really matter whether the content is available via IPv4 or  
> >via IPv6. In the other hand there are some customers who one to  
> >share their content from their home network.
> 
> A tiny, tiny fraction.  Most people appear to be more than happy to  
> have some 3rd party provide hosting services (e.g., flickr, youtube,  
> akamai, etc.).  And oddly enough, many (all?) of those services don't  
> even provide IPv6 addresses.  From their perspective, why bother?   
> It's not like their customers care.

Today yes, in 5 years who knows?   We're limited by today's crummy
DSL uplinks, but that's changing with new technologies to the home.
 
> >With NATs this will be rather problematical... Currently we are  
> >wasting engineering resources to solve different NAT traversal  
> >problems....
> 
> Get used to NAT.  Learn to love it. If you are an IPv6-only site (the  
> likelihood of which increases significantly when the IPv4 free pool  
> runs out in 20{09,10,11,12}), you are going to need v6-to-v4 NAT to  
> connect to anything useful.

Translation yes, but not necessarily IP... ALGs do a nice job today.
If you plopped a v6 only device on our dual-stack network here today it
could talk via v6 to DNS, MXs, web cache, etc that can relay to v4
networks... those are the typical v4 legacy apps (mail and web browsing)
while we might expetc v6 to be used for more interesting p2p apps (e.g.
see how better BitTorrent works with no NAT) between SOHO type systems.

We shouldn't think in today's boxes :)

-- 
Tim