NPTv6 (Network Prefix Translation) according to RFC 6296 allows the translation of one IPv6 prefix to another IPv6 prefix. The translation is 1:1, in that an address from prefix A is mapped to an address from prefix B. Only the prefix part is translated, the host part is retained. This method thus works "stateless". NPTv6 cannot be used to mask an entire network behind a single address, as with IPv4.
Application scenarios for NPTv6 are, for example, VPNs or networks with dynamic prefixes that should be reachable whatever the public address. If the provider assigns a dynamic prefix, the prefix usually changes every time a connection is established. This is not desirable if certain resources require fixed IP addresses. With NPTv6, addresses from the (private) ULA range fd00::/8 are then assigned to the clients in the network and an NPTv6 rule maps these addresses to the provider prefix.
Another use case is a load balancer scenario with several Internet providers, with each provider assigning its own prefix. With NPTv6, addresses from the ULA range fd00::/8 are assigned to the clients in the network and a number of NPTv6 rules map these addresses to the provider prefixes.
- SNMP ID:
- 2.70.5.30
- Console path:
- Setup > IPv6 > Firewall