Re: Rate of growth on IPv6 not fast enough?

[Mohacsi Janos <mohacsi () niif hu>]

On Thu, 22 Apr 2010, William Herrin wrote:

> On Wed, Apr 21, 2010 at 11:31 PM, Owen DeLong <owen () delong com> wrote:
> > On Apr 21, 2010, at 3:26 PM, Roger Marquis wrote:
> > > William Herrin wrote:
> > > > > Not to take issue with either statement in particular, but I think there
> > > > > needs to be some consideration of what "fail" means.
> > > >
> > > > Fail means that an inexperienced admin drops a router in place of the
> > > > firewall to work around a priority problem while the senior engineer
> > > > is on vacation. With NAT protecting unroutable addresses, that failure
> > > > mode fails closed.
> > >
> > > In addition to fail-closed NAT also means:
> > >
> > >  * search engines and and connectivity providers cannot (easily)
> > >  differentiate and/or monitor your internal hosts, and
> > Right, because nobody has figured out Javascript and Cookies.
>
> Having worked for comScore, I can tell you that having a fixed address
> in the lower 64 bits would make their jobs oh so much easier. Cookies
> and javascript are of very limited utility.
>
> On the other hand, I could swear I've seen a draft where the PC picks
> up random unused addresses in the lower 64 for each new outbound
> connection for anonymity purposes. Even if there is no such draft, it
> wouldn't exactly be hard to implement. It won't take NAT to anonymize
> the PCs on a LAN with IPv6.


See RFC 4941: Privacy Extensions for Stateless Address Autoconfiguration 
in IPv6.

Regards,
        Janos Mohacsi