Jared Mauch: > The biggest feedback I hear from people about IPv6 (besides the extra > bits for addressses) is "Security", but they generally don't know what > that is outside marketing speak.
+1, in spades. Nor do these folk seem to appreciate that it's not the network that bears the greatest burden in providing that security. It is the clients. And that this is also true with IPv4. You don't get security if only the network is secure. Conversely, you can get security if the network is not secure. The /64 limitation only applies for SLAAC. Seems to me that there are many service providers with examples of links where SLAAC isn't applicable. I don't see why models that work with IPv4, like CIDR, must be rejected out of hand. Making IPv6 "less different" from IPv4 can only help its implementation, IMO. And too, good IPv6 ideas, like multiple addresses per client, also create new problems and new mechanisms for non-reachability, which are still having to be solved. Bert -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
