Suggestion: release public IP
Since IPv4 became scarce resource. Will it be good idea to have an optional public IP (Amazon equivalent EIP) on DO?
E.g. one included public IP on gateway. While other droplets will SSH tunnel/NAT through the gateway, residing on private network? It can be done on pricing incentive, e.g. 20% off, depending on region. As well as that it will be good preventive measure, since I’ve seen a lot of cases when beginners roll out a VPS with no ufw or alike at all. Completely open to the internet.
Yes, I know NAT is evil and cannot be used as a network security measure. I’d advocate for state IPv6 mandatory certification for ISPs. And no router can be sold, unless it supports IPv6. Until then, it will be 5-10 years before an average Joe replace it’s dusty $10 IPv4 router, outlived by decade it’s cheap productions standards.
It will be wise release unused IPv4 instead of seeing “Cannot create a droplet in this region due to ....”
So far, I didn’t see cases to use separate IP per droplet, except:
- SNI + SSL (IE6 must die!!!)
- Website with SSL and pervasive OpenVPN with 443/TCP to get through the most paranoid firewalls. On the same account
These cases can bear the toll without distributing to everyone. When everyone holding one public IP, whether it is needed or not