1
20.1 Legacy Series / IPv6 outbound NAT done with LLA instead of GUA
« on: March 23, 2020, 10:41:49 am »
Hello,
I want to use outbound IPv6 NAT. But the NAT is done using the Link Local Address (LLA) instead of GUA (Globally Unique Address) when NATing to "Interface Address". So of course I can't reach the Internet. How could I customize that ?
As a workaround I created an Interface alias in order to NAT to this alias' IP. (IP 2001:db8:8101:f700::1).
But it's a static address and I want to be able to NAT to an IP address obtained via SLAAC, because there is no guarantee that my ISP won't change the SLAAC prefix 2001:db8:8101:f700::/56. And I can't create an Interface Alias with a SLAAC obtained IP.
Thanks !
Romain
I want to use outbound IPv6 NAT. But the NAT is done using the Link Local Address (LLA) instead of GUA (Globally Unique Address) when NATing to "Interface Address". So of course I can't reach the Internet. How could I customize that ?
As a workaround I created an Interface alias in order to NAT to this alias' IP. (IP 2001:db8:8101:f700::1).
But it's a static address and I want to be able to NAT to an IP address obtained via SLAAC, because there is no guarantee that my ISP won't change the SLAAC prefix 2001:db8:8101:f700::/56. And I can't create an Interface Alias with a SLAAC obtained IP.
Thanks !
Romain
Code: [Select]
vtnet1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=c00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE>
ether 52:54:00:f2:98:08
hwaddr 52:54:00:f2:98:08
inet6 fe80::5054:ff:fef2:9808%vtnet1 prefixlen 64 scopeid 0x2
inet6 2001:db8:8101:f700:5054:ff:fef2:9808 prefixlen 64 autoconf
inet6 2001:db8:8101:f700::1 prefixlen 56
inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T <full-duplex>
status: active
Code: [Select]
nat on vtnet1 inet6 all -> (vtnet1:0) port 1024:65535