NAT6 prefix replacement, one to one with dynamic external IPv6 addresses

Does fw4 support auto NAT6 one-to-one translation with a dynamic external address pool?
Or any helper module in kernel I could use to add this function to nftables or routing framework.

The reason why I want is that ISP could offer me a dynamic IPv6 subnet(could be less than /64),
while I have a static IPv6 public address but not they won't be routed to gateway(like addresses I got from tunnelbroker).
I want to have a static IPv6 address while enjoying the high speed Internet.
I read the document about one to one NAT in ipv4, you need to add SNAT and DNAT rule one by one.
I even I won't not have more than 20 devices in my local network, I don't think it would be worth to do that.

I would whether there is a filter module in kernel that could replace the address prefix ? I think I don't even need the stateful NAT, one to one NAT would be stateless.

P.S.
The real case is more complex, I have two network outputs, one is under censorship while the other one only has one IPv6(NAT won't not be done in local gateway here but remote side).

1 Like

Hi ayaka, do you have a solution now? I think I have the same issue. Could you please share me your solution?

Symmetric dynamic IPv6 NPT

2 Likes