NAT and IPv6

IPv6 was designed to overcome the address limitations of IPv4 and to eliminate the need for Network Address Translation (NAT). As a result, IPv6 NAT is not a typical or recommended practice. However, there are some scenarios where organizations may want to perform IPv6 NAT for various reasons, such as security or address space management.

NAT66 is the term used for NAT that translates IPv6 to IPv6 addresses. Although IPv6 was designed to eliminate the need for NAT, there are cases where NAT66 might be considered, such as network renumbering, privacy concerns, or specific network segmentation requirements. Cisco routers with IOS XE or IOS XR support it.

It's essential to note that NAT66 is generally not recommended due to the large address space of IPv6, which is designed to remove the need for NAT. Native IPv6 connectivity is a more straightforward and efficient approach that avoids the complexities and potential issues associated with NAT. Whenever possible, opt for native IPv6 connectivity instead of using NAT66.

An example of how NAT66 can be configured in a Cisco IOS router can be found below:

! Enable IPv6 unicast routing ipv6 unicast-routing ! Configure the inside and outside interfaces interface GigabitEthernet0/0 description Inside Interface ipv6 address 2001:db8:1::1/64 ipv6 enable ipv6 nat inside no shutdown ! interface GigabitEthernet0/1 description Outside Interface ipv6 address 2001:db8:2::1/64 ipv6 enable ipv6 nat outside no shutdown ! Configure the static NAT66 translation ipv6 nat translation static 2001:db8:1::10 2001:db8:2::10