With my WAN iface being v4 and v6, is there a way to prefer using one over the other when packets are fwd'd out that iface (hide-nat as example).
The "happy eyeballs" algorithm on most operating systems prefers IPv6 over IPv4 if both resolve to an address (A or AAAA record). OPNsense uses what the client inside initiating the connection does. You could theoretically use NAT64 but it's far from common in a dual stack setup. You need it if you have only IPv6 and want to reach a destination that does not - like Github.
Thanks Patrick,
That makes sense.
With dual stack where IPv4 is mapped (not all do this), it's possible to send packets src v6 dst v4, and vice versa. It appears though this is not allowed just yet in IP protocol. Would be an easy way to slowly sunset v4 in favor of v6only.
NAT'ing would also be easy. 1:1 could just be a v4 inside and a v6 NAT outside.
Thanks.