the alleged evils of NAT, was Rate of growth on IPv6 not fast enough?

Mark Andrews marka at isc.org
Thu Apr 29 00:33:02 UTC 2010


In message <A3F2FF6F-AFE3-4ED1-AD33-5B627724930B at virtualized.org>, David Conrad
 writes:
> Mark,
> 
> On Apr 28, 2010, at 3:07 PM, Mark Andrews wrote:
> >> Perhaps the ability to change service providers without having to =
> renumber?
> >=20
> > We have that ability already.  Doesn't require NAT.
> 
> Cool!  You've figured out, e.g., how to renumber authoritative name =
> servers that you don't have direct control over!

Don't do that.  It was a deliberate design decision to use names
rather than IP addesses in NS records.  This allows the operators
of the nameservers to change their addresses when they need to.

B.T.W. we have the technology to automatically update delegations
if we need to and have for the last 10 years.  People just need to
stop being scared about doing it.

> And modify filter =
> lists on a firewalls across an enterprise network!  And remotely update =
> provisioning systems and license managers without interrupting services! =
>  Etc., etc.
> 
> http://www.rfc-editor.org/internet-drafts/draft-carpenter-renum-needs-work=
> -05.txt
> 
> A tiny home office network managed by a highly technical individual with =
> full control over all aspects of the network is not a good model on =
> which to base the definition of "we".
> 
> Regards,
> -drc

Well if you insist on using IP addresses rather than real crypto for access
control.

Mark

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org




More information about the NANOG mailing list