IETF Logo Mail Archive

Re: Domain Centric Administration, RE: draft-ietf-v6ops-natpt-to-historic-00.txt

Jun-ichiro itojun Hagino <itojun@itojun.org> Tue, 03 July 2007 17:51 UTC

Return-path: <ietf-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5mX3-0005kx-IQ; Tue, 03 Jul 2007 13:51:21 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5mX1-0005Rb-GB for ietf@ietf.org; Tue, 03 Jul 2007 13:51:19 -0400
Received: from coconut.itojun.org ([2001:240:501:0:204:23ff:fecb:8908]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5mWW-0000l3-9f for ietf@ietf.org; Tue, 03 Jul 2007 13:51:19 -0400
Received: from coconut.itojun.org (localhost.itojun.org [127.0.0.1]) by coconut.itojun.org (Postfix) with ESMTP id DE66D233C6; Wed, 4 Jul 2007 02:50:45 +0900 (JST)
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
In-reply-to: pbaker's message of Tue, 03 Jul 2007 10:18:17 MST. <198A730C2044DE4A96749D13E167AD37012F693E@MOU1WNEXMB04.vcorp.ad.vrsn.com>
X-Template-Reply-To: itojun@itojun.org
X-Template-Return-Receipt-To: itojun@itojun.org
X-PGP-Fingerprint: F8 24 B4 2C 8C 98 57 FD 90 5F B4 60 79 54 16 E2
From: Jun-ichiro itojun Hagino <itojun@itojun.org>
Date: Wed, 04 Jul 2007 02:50:45 +0900
Message-Id: <20070703175045.DE66D233C6@coconut.itojun.org>
X-Spam-Score: -2.8 (--)
X-Scan-Signature: c0bedb65cce30976f0bf60a0a39edea4
Cc: ietf@ietf.org
Subject: Re: Domain Centric Administration, RE: draft-ietf-v6ops-natpt-to-historic-00.txt
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Errors-To: ietf-bounces@ietf.org

>> PS: in openbsd community if you do not commit frequently=20
>> enough you will be scolded for being a slacker.
>
>Which is part of where we need to get to.
>
>What I propose is a brand, similar to WiFi that tells a customer, =
>whether home or enterprise that a product:
>
>1) Either
>	Will install itself automatically and seamlessly within a network that
>is under domain centric administration.
>
>	Will do the above, unless the network is not already under domain
>centric admin in which case it will establish the necessary DNS and DHCP
>infrastructure to support one (and yes would be nice if this also
>extended to redundancy).
>
>2) Supports both IPv4 and IPv6 seamlessly.
>
>3) Has a built in device cert and is able to perform 802.1X
>authentication to the network hub
>
>4) In the case of a wireless device supports a network configuration =
>mechanism that does not involve a user touching a keyboard.
>
>
>In other words you have the current Internet and the 'it-just-works' =
>Internet. And the IJW-Internet happens to support everything you need =
>for IPv6.

	from what i've gathered from information sources, the device you want
	to buy is the latest version of Apple AirPort Extreme base station.

	i do not have one myself so please verify it by yourself.  i have
	used it at meetings (Jun Murai has almost every version of it) as well
	as while i have been war-driving in Tokyo.  nice (or bad) thing for the
	latter case was that there was no access control enabled for
	6to4-based IPv6 for the particular base station i've associated with:-P

	(1-2) are already covered as it implements NAT for IPv4 if you want.
	it can be configured as a pure L2 bridge between ethernet and 802.11,
	if you got enough IPv4 address to spare.
	in terms of IPv6, it has a button or something to turn on IPv6, and it
	even speak 6to4 if there is no ISP device/contact to terminate static
	IPv6-over-IPv4 tunnel.  of course you can bridge IPv6 as well.

	(4) is of course covered, almost every Apple product ships with GUI.

	i'm not too sure about (3) but i hope someone from Apple to comment.
	if necessary i'll meet people in Apple Japan tomorrow so i can ask.
	the device i've used were configured either with WEP or no auth.

	it runs *BSD variant, if you run namp on it you should be able to know
	which *BSD it is.


	so, Apple is not slacking and KAME/*BSD are not too.

	MacOS X is shipped with IPv6 enabled by default since 10.2 (or 10.3?)
	timeframe, and from WWDC2007 comment by Steve Jobs there are 22 million
	machines which runs 10.2 and beyond, so there are 22 million IPv6
	enabled machines.

	MacOS X is good, it is basically having Macintosh Aqua GUI on top of
	a BSD variant.  you will love it.

itojun

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email