Hi All, I've inherited a small network with a couple of Internet connections through different providers, I'll call them Slow and Fast. We use RFC 1918 space internally and have a pair of external firewalls that handle NAT and such. Due to internal policy (read money), some users default to the Slow connection and some default to Fast. Using probes and policy routing, a failure of one of the ISPs is generally transparent, outside of the usual session resets for things like ssh or remote control sessions). Looking forward to the next 12 months, we may have clients that are living in IPv6 space. Our ISPs are happy to give us IPv6 allocations and our network gear vendors either have GA IPv6 code now or will soon. We have been somewhat spoiled by our firewall/NAT boxes, the stuff just works for our needs and the combination of NAT and policy routing keeps people on the circuits they are paying for. Am trying to decide how I would implement this kind of policy in the new world of globally trackable^H^H^H^H^H^H^H routable IPs for my desktops. Solutions seem to be: 1) Purchase some BGP capable routers, grab PI space. Here I can obv choose outbound path, but we are typical in that our inbound to outbound is 6 or 7 to 1. 2) Assign PA space from the ISPs to the appropriate devices. What do I do when I loose a provider? 3) Make loud noises to my firewall vendor to include equivalent NAT/ISP failover functionality (even 6to6 NAT would be fine). Anyway, another sample of 1, but I do work for a managed services provider and see many small orgs facing similary choices. I personally am happy to use globally routable addresses and will work through the privacy and perceived security implications of NAT/nonat, I just want the same ease of use and flexibility I have today in a SMB environment. Cheers, -Allen