Fri Nov 19, 2021 8:51 pm
Basic idea is to have globally-routable addresses on all LAN hosts. Ideally ISPs would hand out a few /64 prefixes (in a block, so handing out a /60 oor /56 prefix to one ISP client) and router receiving such prefix can then use one prefix per LAN.
When it comes to traffic, router in IPv6 simply routes traffic between interfaces, it doesn't do any NAT (neither src-nat nor dst-nat). Which means it is not possible to alter port used by service.
It is extremely important to have decent IPv6 firewall configured (in IPv4 NAT does function as a sort of firewall, not a very good one though). Beware that if one installs ipv6 package to an already configured ROSv6 device, default ipv6 config is not applied. One pissible way out is to export (not backup) running config, reset router to defaults and re-implement previous settings (possibly in different way, adhearing to MT's defaults which evolved with time and setup based on ancient defaults might be unoptimal).