IPv6.Yaritz.com - IPv6 help site

IPv6-NAT

NAT is a part of IPv4 that started with the intent of delaying the timeline where the internet is running out of IPv4 addresses.  However, it can be argued that this is no longer the main intent for using NAT.  NAT has morphed into a number of new good values that suggest it will stay.  If you are a person that wants it to die, just look at the people that are writing code for it as we speak.  NAT is here to stay.

  1. Prevent price gouging from IP address space limitation
  2. Allow internet provider with less than ten customers to be not considered an ISP
  3. On many-to-one versions of NAT, limit the number of incoming connections (firewallish)
  4. No need to renumber internal addresses. Renumbering happens in one place
  5. Expand the IPv4 address space due to expansion

If you have noticed, the original reason for the creation of NAT is now at the bottom of the list.  Anyone running NAT does not think about this being the reason that they are installing NAT.  There are a number of people that cannot get a personal IPv6 address range due to not being an official internt provider.  As soon as NAT becomes available for IPv6, IPv6 will flood the internet as a possible protocol!

EDIT: IPv6-NAT is already available in FreeBSD 6.2 and later as well as OpenBSD using these instructions.  Just use these instructions.  Looks like I need to download and install FreeBSD in order to validate these claims.  FreeBSD's PF is a stateful NAPT (NAT many to one).  This is useful for tracking IP communications through NAT.

If you are ready to deploy IPv6 without IPv6-NAT right now, there are a few notes to consider.  If you do not declare yourself an internet provider, you will need to change all the IPv6 addresses when you change your upstream ISP.  Oh and multihoming is out of the question, unless you get an AS number, which is only assigned to providers.

For more information on private addressing, Check out.  You can also create your own unique IPv6 private IP range.

A side note, when working with the *BSD systems.  Both pf and ipfw can be used at the same time.  Both firewalls work on multiple network interfaces at the same time with multiple protocols.

For more information different NAT6 platforms, Check out.