|
|
|
|
|
|
by jeroenhd
1469 days ago
|
|
|
There are reasons to do some kind of NAT across IPv6. For example, switching ISPs may throw your internal network addressing in disarray which can be either a pain or a massive problem; NPTv6 will prevent that from being too much of an issue inside the premises, which should cover 95% of the issues. The best thing is that you keep most of the advantages of IPv6 (all addresses and all ports publicly reachable, foregoing the need for dangerous stuff like ALG) despite the address translation. Alternatively you could register an IPv6 address of your own but you'd need to find an ISP that will let you use that, which can be harder than you'd hope, or you could tunnel your entire connection through the cloud in a semi-NAT system. This isn't a problem for 99.9% of people and I'd wager it's not a problem for over 80% of businesses either. However, for companies with zealous network administrators and IP-based access control this is a real problem that needs solutions like NAT. |
|
|
Those are what ULA's do. A local router that provides global addresses and ULAs solves all your problems, and that's the default behaviour of OpenWRT (and probably other routers). If you want traffic to not leave your local network, listen to your ULA (fd00::whatever) and call it a day.