IPv6 NPT and NAT for Linux
For those who missed it, Linux is adding NAT for IPv6 to netfilter: http://www.spinics.net/lists/netfilter-devel/msg19979.html Along with tradition SNAT, and DNAT targets most of us are familiar with, a new NETMAP target is included that implements NPT (network prefix translation). I for one am happy to see this; despite not wanting to see people NAT IPv6 as the norm, having the NETMAP target will largely replace the use of SNAT and MASQUERADE for many deployments, while keeping those tools for the times when traditional NAT is desirable. -- Ray Soucy Epic Communications Specialist Phone: +1 (207) 561-3526 Networkmaine, a Unit of the University of Maine System http://www.networkmaine.net/
In a message written on Wed, Nov 30, 2011 at 03:14:07PM -0500, Ray Soucy wrote:
+1 Long overdue for many different reasons, be they political (stop the "nat doesn't exist in IPv6 nonsense") or practical, like the ability to translate IP based services to new addresses. For instance it might be nice to translate an old DNS server IPv6 address to a new working DNS server in some situations. NAT has many more applications than it's most popular RFC1918 PNAT to one IPv4 address, and IPv6 has been missing out on those other tools due to the regious nature of the "private address vrs public address" dogmas for that one, specific NAT application. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
participants (3)
-
Dale W. Carder
-
Leo Bicknell
-
Ray Soucy