Dave Cridland wrote: > Martin Rex <mrex@xxxxxxx> wrote: > >> The majority of home users actually do not want and do not need to >> run any service in the first place. > > You're surely joking? Nope, I'm dead serious. > > Let's assume that by "service" you actually meant "service accessible to > anywhere on the internet", because it's just silly to assume you might have > meant internal services. Correct. "Services" attached to the home network and accessed from within the home network don't care about the IPv4 address on the WAN interface of your home gateway. They would have to care about changing network prefixes of a home gateway that provided end-to-end transparent IPv6, on the other hand, and that would be a real nightmare. > > There's a fairly large number of devices sold with the explicit feature > that they have a [horrendously complex] mechanism by which they're > reachable from the outside world. > > The Western Digital NAS I have sitting on a bookshelf in my office is one > such, as is the HP printer behind me. There are various digital TV set-top > boxes that are able to be programmed to record from outside the consumer's > network, too. While that might be true, the security of most of these devices is so ridiculously lame (read _not_ there), that *EVERYONE* is better off when few to none of these ever become transparently accessible from the internet. And for those devices that aren't huge gaping security problem as shipped, they *ALL* turn into one within a few months. > > These aren't obscure undocumented features; these are headline USPs. Pretty much all of them are irresponsible features from a product safety perspective, and NAT is probably the best (and by far most important) thing that happened to the internet after the invention of the World Wide Web. > > They're not *public* services, of course, but they're certainly services in > every meaningful technical sense, and they're all reliant on weird hacks, > proxy services, and so on. IPv6 instantly makes these simpler for > developers and users. If the equipment running these services were transparently accessible from the internet by default, then the vast majority of them would also be publicly accessible without the owners consent and probably without the owners knowlegde. -Martin