One of the things NAT has permitted us to do in the past decade is split physical services onto different servers whilst hiding behind a single interface.
For example, I have example.com behind a NAT on 192.0.2.10. I port-forward :80 and :443 to my web server. I also port-forward :25 to my mail server, and :3389 to a terminal server and :8080 to the web interface of my computer that downloads torrents, and the story goes on.
So I have 5 port forwardings going to 4 different computers on example.com.
Then, I go and get me some neat IPv6. I assign example.com an IPv6 address of 2001:db8:88:200::10. That's great for my websites, but I want to go to example.com:8080 to get to my torrents, or example:3389 to log on to my terminal server.
How can I do this with IPv6, as there is no NAT? Sure, I could create a bunch of new DNS entries for each new service, but then I have to update all my clients who are used to just typing example.com to get to either the website or the terminal server. My users are dumber than two bricks so they won't remember to connect to rdp.example.com.
What options do I have for keeping NAT-style functionality with IPv6?
In case you haven't figured it out, the above scenario is not a real scenario for me, or perhaps anyone yet, but it's bound to happen eventually. You know, with devops and all.