[AusNOG] FW: [Ap-ipv6tf] official shutdown date for IPv4. The date he is pushing for is April 4, 2024. "IPv4 can't go on forever, " Latour said. "

[Matt Palmer]

[I apologise for turning ausnog into NANOG]

On Wed, Nov 05, 2014 at 05:47:36PM +1100, Ross Wheeler wrote:
> 
> 
> On Wed, 5 Nov 2014, Mike Everest wrote:
> 
> >I may be opening a can of worms here, but for a bit of fun…
> >I like NAT.  It solves a lot more problems that it causes (for me)
> 
> +1
> 
> I am truly scared of a world with eleventy-billion unpatched,
> unprotected, vulnerable/exploitable devices suddenly "directly
> reachable" by all those malware-infected, script-kiddies etc.

They're already directly reachable.

> Apart from any other conveniences NAT offers (more later), it gives
> the majority of the world "a degree" of protection from all these
> old windows boxes (particularly, but there are lots of other
> exploitable devices out there that haven't (yet) been widely
> impacted)

NAT isn't providing any protection there.  Stateful firewalling is.

> Sure, you can firewall/filter/protect IPv6. But how many of those
> eleventy-billion unpatched systems are GOING TO BE PROTECTED?

Pretty much all of them.  Every IPv6-capable SOHO router/modem/AP/waffle
iron I'm aware of comes with a stateful firewall enabled by default.

> Portability: being able to just "move" from one provider to another
> and not have to reconfigure all your home devices, because they just
> get NATed by your router just makes it SO easy for people. I'm
> PARTICULARLY looking at the "not-quite-trivial" home/SOHO networks
> here. A single machine or two, probably not so much, but there are
> an increasing number of people with everything from home automation
> systems, cameras, PVRs etc that for a variety of reasons seem to end
> up with static IPs, NAT makes their life very easy - in a way that
> IPv6 probably won't.

By "probably won't", I assume you've never actually tried this yourself?

- Matt