James Knott said the following on 08/05/2010 10:18 AM:
Anton Aylward wrote:
NAT doesn't 'break things' Try using ftp from the command line (not from a browser).
LOL! FTP is more broken than NAT! And while you or I might use the comand line, Joe Sixpack will use the browser. The command line is what scares him away from Linux.
Also, NAT violates the IETF spec that says the source and destination are not supposed be changed, which NAT has to do in order to work.
And? Of course it does, but then malware breaks your computer ... There are plenty of things that 'violate protocol'. Some are needed for society to function :-)
NAT also makes it awkward to reach computers behind the firewall.
Yes. That's the point! From the POV of the people that use it for that - the 'lazy firewall' that I spoke of - this is a BENEFIT. Joe Sixpack doesn't _want_ all those nasty people out there, hackers, governments, his kids friends, the IRS, reaching into his computer.
For example, to reach my imap server via IPv4, I have to configure my firewall to specifically pass that traffic to that particular server.
Are you talking about in or out? Lets see: I have ISPs all over the world with mailboxes. I have a machine behind a NAT router/firewall. My fetchmail (or Joe Sixpack's Thunderbird) has no problem fetching mail from them by IMAP. Incoming ... I keep my mail on one "mailhub". That's all I need an incoming link to.
That works OK for only one computer, but what happens when you want to reach other computers with the same protocol?
Like for example?
On the other hand, I can reach all my computers with their own addresses with IPv6.
So you have no filtering? That scares me.
At the moment, it appears all the IPv4 address blocks will be taken in about a year.
I hate to tell you, but when I was running an ISP in the early 1990s, the domain authorities told me that. As an ISP we wanted a class B or pretty much the reasons you describe. In reality we had to justify each and every class C. We were told that we should suggest to our clients that they use NAT. The sky has been falling for 20+ years. Haven't they just released on of the 'reserved' class A nets? (And yes, I know this terminology is archaic, but its how they though back then when this was set up and they were allocating them.)
Pretending all is well with IPv4 and NAT is extremely short sighted.
Indeed. But then the IPprotocol itself is short sighted compared to some others around that are more suited to high-speed streaming.
In addition, the current situation with IPv4 requires complex routing tables, which slows down router performance at ISPs.
That isn't a failure of IPV4 so much as a demonstration of the success of the Internet. Its grown beyond its design limits. I'm sure we'll say the same about IPV6 when we have to deal with traffic to COMSATS and the moon and Mars. The dominance of NAT was never intended. Its 'success' and persistence is due to marketing and the success of the Internet as a commercial medium. You seem to think that I'm saying NAT is a good thing.
From the POV of some marketing people and small first that have addressed the needs of Joe Sixpack (and done well enough in the process to be bought out by larger firms - the "American Success Story" - so creating millionaires out of entrepreneurs) it has been a good thing. Marketing is rarely interested in offering the technical Ne Plus Ultra to start with. Just come up with something a bit better than the competitor and leave some room for next year's model.
There's a lot of the world where the technically superior has failed to make it when faced with a better marketed, more featured or more acceptable to the user product. All you say about the problems with NAT and the superiority of IPV6 are 100% correct and also 100% irrelevant to Joe Sixpack. Its going to take someone who can come up with some marketing edge - OR the Government issuing a DIRECTIVE THAT CANNOT BE IGNORED - before we instantly discard IPV4 and NAT in favour of IPV6. And do you really want the government - any government - dictating network strategy? -- The whole art of teaching is only the art of awakening the natural curiosity of young minds for the purpose of satisfying it afterwards. -- Anatole France (1844 - 1924), The Crime of Sylvestre Bonnard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org