On 09/23/2015 11:16 PM, Marios Makassikis wrote: > On 23 September 2015 at 15:34, Giancarlo Razzolini <grazzol...@gmail.com> > wrote: >> Em 23-09-2015 04:40, Stuart Henderson escreveu: >>> Saves messing about with DHCPv6-PD >> >> I see. So you translate from what exactly? Wouldn't it be better to use >> af-to instead of nat? > > Hello, > > Rather than announcing the prefix obtained via DHCPv6-PD you can pick a prefix > from fd00::/8 and announce that on your network. > It is the equivalent to RFC1918 addresses, except it is for IPv6. > Therefore, it is > not routable and you need to perform NAT on it. The global address is the one > the router obtained via static configuration/SLAAC/DHCPv6, which will then be > used by all your clients. > >> But I can relate to that, given that my CPE will >> give me a PD, but won't route packets back because it thinks the prefix >> is reachable using NDP. Hence the need for a proxy, which OpenBSD >> currently doesn't have. >> >> Cheers, >> Giancarlo Razzolini >> > > Your CPE will see only the OpenBSD router's address so it should work.
... as long as IPv6 addresses are not embedded in the app protocol. FWIW, I wouldn't go this way. ULAs (fd00::/8) erver a different purpose: e.g., still be able to communicate within your network if global connectivity/addressing fails. Thanks, -- Fernando Gont e-mail: ferna...@gont.com.ar || fg...@si6networks.com PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1