by MichaelGG
4497 days ago
> 1. In theory.. IPv6...hierarchical.
Is that even remotely close to being true in practice? Would we expect to see it be smaller than IPv4? Given the quadrupling of address sizes, wouldn't that mean there'd need to be 1/4th the number of routes? And peering destroys the hierarchy, does it not? I was under the impression that the hierarchical routing had an assumption that networks could renumber at will. So multiple subnets might map to the same host or something to that effect. Is that incorrect?
> 3. NAT is not a security feature
Except it turns out that proper NAT is equivalent to a firewall with inbound deny, outbound allow. Which is a pretty good start for security.
> ALG for every protocol
Applications that break with NAT usually do so due to poor design (hey SIP and FTP). With a firewall with default inbound deny, programs can't just accept inbound connections without doing work anyways (UPnP or whatnot). Although sure, it makes known-two-way datagram applications easier since you start transmitting and get a flow opened. Wouldn't help TCP based applications, for instance.
No.. the point is that each ISP will get only one very large prefix (/32 or bigger) instead of many small ones, which can't be aggregated like it is the case for IPv4.
Right now there are about 46k ASNs in the legacy internet announcing about 490k IPv4 routes. Best case with IPv6 you would end up with 46k routes.
In practice it looks like there are 8k ASNs in the internet announcing about 16k IPv6 routes. So while not perfect, it's still quite a lot better than for the legacy internet.
> Applications that break with NAT usually do so due to poor design
So how would you design a P2P application that has no poor design?