On Jul 24, 2007, at 15:43, Kurt Erik Lindqvist wrote:
On 24 jul 2007, at 21.08, Roland Bless wrote:[at some point, somebody wrote:]It will be really nice to make sure that we can progress with more parameters available in the RA.Yes, but host implementations must also be enable to make use of such features...It would be even better if there was even content I could access with or without those features...
"If you don't like the news, go out and make some of your own." -- Wes "scoop" Nisker
One of the concerns behind my original initiative to leave the *stateful* part of the IPv6 packet filter turned off by default in the AirPort Extreme 802.11n base station was my [apparently mistaken] judgment that the measurable benefits for network security it provided were heavily outweighed by the opportunity cost it posed by hindering the deployment of ad-hoc peer-to-peer applications where the vast majority of peers are expected to be at the end of the last mile in a residential deployment.
P2P applications already very difficult for average Internet users to participate effectively in such networks due to the stateful filtering in IPv4/NAT gateways, and services like UPnP IGD and NAT- PMP don't repair all the damage. If these packet filters are allowed to become ubiquitous in IPv6, then my fear is that the most likely applications that would otherwise be able to deliver that content you'd like to access, with or without any whizzy new router advertisement parameters, will never be developed for IPv6 where they might be simple enough for average users to operate. All the user complexity created by IPv4/NAT stateful filters will have been duplicated in the IPv6 stateful filters.
If we are not careful, IPv6 may be saddled with all the b0rkenneff that IPv4/NAT plagues us with today, without any measurable benefit beyond merely addressing the burdensomely high and rapidly increasing cost of public IP addresses. We are setting up a vicious circle.
+ Nobody will want to use IPv6 because there isn't any content worth accessing, while...
+ Nobody will develop content worth accessing because IPv6 is more difficult to use than IPv4, and in fact, is also broken fundamentally in ways that IPv4/NAT isn't, while...
+ Nobody will have any incentive to make IPv6 any easier to use because users aren't interested in any of the content available exclusively via IPv6, while... [lather, rinse, repeat]
If this happens, mark my words: IPv6 will wither and die-- and it will not be an honorable death, as IPv4/NAT will be wielding the sword that cuts it down. Those among us who really, really despise NAT might do well to bear in mind all the ways we could be undermining our own objectives by failing to consider how we might be preventing IPv6 from being usable by new applications in ways that IPv4/NAT will never be able to match.
Still working on polishing my philosophy essay. Sigh. -- james woodyatt <jhw@apple.com> member of technical staff, communications engineering