On Thu, Apr 17, 2014 at 09:05:17PM -0500, Timothy Morizot wrote: > On Apr 17, 2014 7:52 PM, "Matthew Kaufman" <matt...@matthew.at> wrote: > > While you're at it, the document can explain to admins who have been > burned, often more than once, by the pain of re-numbering internal services > at static addresses how IPv6 without NAT will magically solve this problem. > > If you're worried about that issue, either get your own end user > assignment(s) from ARIN or use ULA internally and employ NAT-PT (prefix > translation) at the perimeter. That's not even a hard question.
Why use NAT-PT in that instance? Since IPv6 interfaces are happy running with multiple addresses, the machines can have their publically-accessable address and also their ULA address, with internal services binding to (and referring to, via DNS, et al) the ULA address; when you change providers, the publically-accessable address changes (whoopee!), but the internal service address doesn't. - Matt