In message <CABidiTJH=+okpf7owu+2v4melaigmtqe3zdfr51jukrtphf...@mail.gmail.com> , Philip Dorr writes: > On Thu, Jun 4, 2015 at 12:16 PM, Christopher Morrow > <[email protected]> wrote: > > On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong <[email protected]> wrote: > >> I=E2=80=99d argue that SSH is several thousand, not a few hundred. In an= > y case, I suppose you can make the argument that only a few people are tryi= > ng to access their home network resources remotely other than via some sort= > of proxy/rendezvous service. However, I would argue that such services exi= > st solely to provide a workaround for the deficiencies in the network intro= > duced by NAT. Get rid of the stupid NAT and you no longer need such service= > s. > > > > This is an interesting argument/point, but if you remove the rendevous > > service then how do you find the thing in your house? now the user has > > to manage DNS, or the service in question has to manage a dns entry > > for the customer, right? > > You do not remove the locating service, what you remove is the remote > proxy service.
And the DNS is the simplest location service. Windows boxes and Mac's can register themselves in the DNS today using standardised protocols. This really isn't a hard thing to do. All you need is a fully qualified hostname, addresses and update credentials (username/password (TSIG) or a public key pair SIG(0)) and you can update the addresses records using the DNS and UPDATE. Windows uses GSS-TSIG (Kerberos) to authenticate the UPDATE request. In theory it could also use plain TSIG and/or SIG(0). What is hard is giving them a globally unique address today because it doesn't exist for 99.9% of the devices connected in the world due to the world having run out of IPv4 address about ~20 years ago. At the moment we are at ~1 address per household for IPv4. We are heading into < 1 address per household for most of the households in the world. For a Mac you do System Preference -> Sharing -> Edit and Tick "Use dynamic global hostname" add the hostname and TSIG credentials (User/Password). The Mac will save them. The Mac will then update the address records for itself as they change. What has to happen is making this a regular part of setting up a machine for the first time. This requires other OS vendors adding equivalent functionality to their OS's. > For example with a webcam on IPv4, you would connect to website to > download the video. The camera would also connect to the website to > upload the video. > > On IPv6 the webcam would connect to the website to say that it is > alive and what its IP is. You would connect to the website and your > computer would get the IP and directly connect to the webcam. If > there were multiple people connecting, you may even be able to use > multicast. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected]
