The point of the original article is that the Back to my Mac service can help to solve the v4 address problem
I didn't get that out of the original article at all. Frankly, I thought the article was confused on several points, but I never saw the author come out and claim that BTMM solves v4 address depletion.
Quote:
But the presentation that you link to shows that the user data is still over v4 (slide 12 par. 1) and that's the point.
I never claimed otherwise. All I claimed was that Comcast is preparing their core networks to handle IPv6. For the time being they are using it for management. But they have recently started making noises about how to offer IPv6 service to end-users (I'm referring to Alain Durand's dual-stack-lite proposal at the last IETF).
I don't understand the rest of your argument. I never suggested that any ISP would offer IPv6-only service to its customers. Doing so would be business suicide, since, as you mention, the v6 Internet is extremely small.
Quote:
Your point about the v6 routing table being smaller, I really don't follow (and neither do any of the vendors or network architects that I have discussed this with).
Because there should be significantly fewer IPv6 routes. Yes, multihoming works exactly the same was as with IPv4. But organizations should only need to advertise one v6 prefix, as opposed to the multitiude of tiny v4 prefixes that many advertise today.
NAT is not a security feature, and it will not protect you from the recent QuickTime vulnerabilities. Those were local exploits. If an attacker could trick a user into loading a malicious media file, they could exploit the hole. NAT offers zero protection from this type of attack.
Exactly. My point was that Daniel was suggesting NAT was part of the "security diapers" for Windows when it's not secure and unsecured OSX computers aren't protected by NAT either.
Comments
The point of the original article is that the Back to my Mac service can help to solve the v4 address problem
I didn't get that out of the original article at all. Frankly, I thought the article was confused on several points, but I never saw the author come out and claim that BTMM solves v4 address depletion.
But the presentation that you link to shows that the user data is still over v4 (slide 12 par. 1) and that's the point.
I never claimed otherwise. All I claimed was that Comcast is preparing their core networks to handle IPv6. For the time being they are using it for management. But they have recently started making noises about how to offer IPv6 service to end-users (I'm referring to Alain Durand's dual-stack-lite proposal at the last IETF).
I don't understand the rest of your argument. I never suggested that any ISP would offer IPv6-only service to its customers. Doing so would be business suicide, since, as you mention, the v6 Internet is extremely small.
Your point about the v6 routing table being smaller, I really don't follow (and neither do any of the vendors or network architects that I have discussed this with).
Because there should be significantly fewer IPv6 routes. Yes, multihoming works exactly the same was as with IPv4. But organizations should only need to advertise one v6 prefix, as opposed to the multitiude of tiny v4 prefixes that many advertise today.
NAT is not a security feature, and it will not protect you from the recent QuickTime vulnerabilities. Those were local exploits. If an attacker could trick a user into loading a malicious media file, they could exploit the hole. NAT offers zero protection from this type of attack.
Exactly. My point was that Daniel was suggesting NAT was part of the "security diapers" for Windows when it's not secure and unsecured OSX computers aren't protected by NAT either.