IPv6 and NAT¶
Though IPv6 removes most any need for NAT, there are rare situations that call for the use of NAT with IPv6 such as Multi-WAN for IPv6 on residential or small business networks.
Gone is the traditional type of ugly port translated NAT (PAT) where internal
addresses are translated using ports on a single external IP address. It is
replaced by a straight network address translation called Network Prefix
Translation (NPt). This is available in the pfSense® web configurator under
Firewall > NAT on the NPt tab. NPt translates one prefix to another. So
2001:db8:1111:2222::/64 translates to
the prefix changes, the remainder of the address will be identical for a given
host on that subnet. For more on NPt, see IPv6 Network Prefix Translation (NPt).
There is a mechanism built into IPv6 to access IPv4 hosts using a special
address notation, such as
::ffff:192.168.1.1. The behavior of these
addresses can vary between OS and application and is unreliable.