The Future of NPt

  • I read with great interest all the posts related to NPt.  I know that IPv6 purists will complain about NATting IPv6, but this is (a) not truly NAT and (b) an excellent solution to a problem I mentioned earlier in another post.  It's not NAT because there is a 1-1 correspondence between the routable global address seen by the WAN and the unique-local address used by the LAN.  This solves the problem of having DHCPv6 services provided by a machine other than the router.  I can use the DHCPv6 server to give the clients on the network unique-local addresses (with a fixed scope prefix) and let the router worry about their global addresses (with a possibly changing prefix).  This solves (or bypasses, I suppose) the issue of how to deal with prefix delegation if the DHCPv6 server and the router are not the same machine.  I think this is a great fix.  I've been using it flawlessly for over a month.  My question has to do with a reference to NPt as a hack.  What is meant by this?  Is this a pfSense-proprietary solution or is there any mention of it in standards/committees?  Will it continue to be supported or do I need to worry about relying on a solution that may be short-lived?

    Mike Pugh

  • Rebel Alliance Developer Netgate

    Actually technically it is NAT, it's just not PAT. In the strictest sense of the terms, anyhow.

    It's also going to be useful for IPv6 multi-WAN, otherwise you'd need to get BGP on every home router, which ISPs aren't likely to support.

    I don't see it going away anytime soon. It's a hack in the terms of the purists, but it fills a gap missing in the original specs. It's somewhat of a standard, though the actual RFC/docs escape me at the moment.

  • We're one of few vendors that support it right now, but it appears it'll be supported across the board with time. It's going to be necessary whether or not people like it. A lot of people want to see NAT gone entirely with IPv6, but that's just not feasible in a small network if you're multi-homed at least. It'll be around indefinitely; there simply aren't any other reasonable solutions for small site multi-homing in the foreseeable future, as well as other scenarios where it's helpful or required.

  • Do understand that VoIP traffic will break just as it did before, because the protocol saves the IP address(es) inside the VoIP packets.

    Only protocols that store the actual host address inside the packets will break, just as they do in a v4 NAT.
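
The 1:1 mapping described in the first post and the embedded-address breakage noted in the last one, as an added Python example that is not part of the thread and not pfSense code. It assumes the checksum-neutral /48 mapping from RFC 6296 (NPTv6), which the thread does not name; the prefixes, the SDP fragment and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample prefixes (assumptions): a ULA /48 on the LAN, a global /48 on the WAN.
INTERNAL = ipaddress.IPv6Network("fd01:203:405::/48")
EXTERNAL = ipaddress.IPv6Network("2001:db8:1::/48")

def _add1c(a, b):
    """16-bit one's-complement addition (end-around carry)."""
    s = a + b
    return (s & 0xFFFF) + (s >> 16)

def _prefix_sum(net):
    """One's-complement sum of the three 16-bit words of a /48 prefix."""
    n = int(net.network_address) >> 80
    return _add1c(_add1c(n >> 32, (n >> 16) & 0xFFFF), n & 0xFFFF)

def translate(addr, src_net, dst_net):
    """Stateless 1:1 map of addr from src_net to dst_net (both must be /48)."""
    addr = ipaddress.IPv6Address(addr)
    if src_net.prefixlen != 48 or dst_net.prefixlen != 48:
        raise ValueError("this sketch only handles /48 prefixes")
    if addr not in src_net:
        raise ValueError(f"{addr} is not inside {src_net}")
    n = int(addr)
    subnet = (n >> 64) & 0xFFFF
    # The adjustment cancels the change the prefix swap makes to the address
    # checksum, so transport checksums stay valid without touching the payload.
    adjust = _add1c(_prefix_sum(src_net), ~_prefix_sum(dst_net) & 0xFFFF)
    subnet = _add1c(subnet, adjust)
    if subnet == 0xFFFF:  # 0xFFFF and 0x0000 both mean zero in one's complement
        subnet = 0
    host = n & ((1 << 64) - 1)  # interface identifier is carried over unchanged
    return ipaddress.IPv6Address(int(dst_net.network_address) | (subnet << 64) | host)

def embedded_internal_addrs(payload, net=INTERNAL):
    """Return addresses from the internal prefix that appear inside a text payload."""
    found = []
    for token in payload.split():
        try:
            candidate = ipaddress.IPv6Address(token)
        except ValueError:
            continue
        if candidate in net:
            found.append(candidate)
    return found

# Constructed SDP fragment: only the IPv6 header is translated, so the
# connection line below still carries the LAN-side address after translation.
SAMPLE_SDP = "v=0\r\nc=IN IP6 fd01:203:405:1::1234\r\nm=audio 49170 RTP/AVP 0\r\n"

if __name__ == "__main__":
    print(translate("fd01:203:405:1::1234", INTERNAL, EXTERNAL))
    print(embedded_internal_addrs(SAMPLE_SDP))
```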
