2
Which Edge?
• end-user site / devices as the edge, orIP / upper-layer interface as the edge?
• either way, I disagree with premise of workshop — intelligence / control was originally at edge (either definition) but has been migrating to the “inside”:– firewalls– NATs– packet-hijacking caches– TCP helpers– layer 4-7 “routers”– ...
3
Why Current Direction is Bad
• inhibits introduction of new protocols / services
• gives monopoly control over services to the carriers
• makes Internet behavior harder to understand, manage, diagnose, and correct
• often reduces performance
• often reduces security
If only we had managed to deploy ubiquitous, end-to-end encryption of tranport headers and above...
4
IPv6 to Restore Edge Control
• eliminates need for NATs
• 2128 addresses should suffice for a Very Big Edge
• auto-configuration to make a Very Big Edge feasible
• built-in IPsec for security without “inside” agents, such as firewalls
Note: need not put IPv6 everywhere to get these benefits — just in edge devices and “internal edges”
5
IPv6 Status
• core specs are IETF Draft Standard => stable and well-tested
• all major host and router vendors have implementations at some stage of completeness
• current implementations already exceed IPv4 capabilities
• ongoing work to further improve functionality
Top Related