IPv6 dynamic NAT
-
Is it "by design" not possible to use dynamic (hide) NAT on IPv6?
I know that this maybe not the perfect design to use, but my service provider (Telenor) only assigns /128 address.
-
Yes, that's bad. If your ISP isn't routing at least a /64 to you for your internal network, they're doing it wrong. I really doubt such a big provider would screw up v6 that badly, you sure you don't have some option for prefix delegation?
-
My mistake! It seems like the info I got was wrong, and they are actually assigning /48 (!).
Thx!
-
This is what providers should do… :P
Is it a static prefix or does it change?
A changing prefix gives you more anonymity, a static one gives you the possibility to offer services via that line. -
I assume that it is dynamic, pmisch. Which gives me a little headache one how to address internal servers. I have a few internal servers that I would like to assign ULA addresses, but it seems like I'm not able to assign a static ULA address to a "tracked interface" on my pfsense gateway…
Anyone with best practices on how to solve this? Assigning GLA's that might change for the internal servers does not seem to be a good option...
-
…
Anyone with best practices on how to solve this? Assigning GLA's that might change for the internal servers does not seem to be a good option...To expect a dynamic IPv6 prefix-delegation as a mature native IPv6 product, that you can use for a public server, is false.
Do not try to repair half-backed/donkeyed products. Achieve your goal with tunnel over IPv4, HE or SIXXS. IPv6 is a public exposure. -
Hello,
I have the same problem. We have two slow DSL-Connections with dynamic IPv6. There is now option to get a fixed IPv6 address from my ISP. So I need for load balacing dynamic "Destination IPv6 Prefix" in "NPt". I don't need an external access. It is necessary for my internal client.
Dynamic NPt in pfSense would be very nice.
Have a nice day!
Snowyrain
-
…
Anyone with best practices on how to solve this?...Why does an/your ISP issue a prefix /48 and not keep it the same number for you, despite you get it with DHCP6c(PD) (and they reserve the right to change/pull it ofcourse). ?
Why not just assume that your /48 is a permanent number (quasi-static) ? Because then next assign your LAN a subnet static or with DHCP6-server…
