Question on NAT IPv6 NPt

ChrisJenk

My home network (LAN) uses ULAs, let's say fd00:1:2:3::/64 (not really this of course). My globally routable IPv6 subnet is (not really, just an example) 1111:2222:3333:4444::/64.

So on my WAN interface I have defined NPt for

External prefix: 1111:2222:3333:4444::/64

Internal prefix: fd00:1:2:3::/64

This works just great, as expected, except for one thing...

The system on the LAN with ULA fd00:1:2:3::20 maps to the global address 1111:2222:3333:4444::20 and can be accessed and pinged at that global address from the IPv6 Internet (I have rules that allow the ping and the required access).

If a system on the LAN, say with ULA fd00:1:2:3::10, pings the global address 1111:2222:3333:4444::20 then there is no response. Similarly for any other kind of IPv6 traffic to that global address from within the LAN. I'm not entirely clear why this is. If I add the same NPt mapping on the LAN interface as follows:

External prefix: 1111:2222:3333:4444::/64

Internal prefix: fd00:1:2:3::/64

Then things seem to work but (subjectively) seem a bit slower than usual. Is this the best way to allow these external addresses to be pinged and otherwise accessed from the LAN? Or is there a better approach? I'm after the least possible overhead of course.

Thanks.