But now you're relying on your ISP to do your network addressing for you. What happens when you have multiple sites? Now you have to do more ipv6 epicycles.
Sorry, guess I wasn’t clear. I’m talking about using NAT with IPv6 being the best way to set it up. Your ISP gives you a whole pool of public addresses you can use for hosting stuff publicly or forwarding or high availability. None of your devices will have public addresses. Then you use all of the private address space for your internal stuff.
I mean, there's a huge set of local IPv6 addresses for you to use, and odds are all of your computers are already using some (maybe more than 1). You don't need a NAT box at the network edge to set a private network. And iptables support what you described without a problem.
But most people prefer to allocate the public addresses to the actual computers, not route them by demand. So the edge machine acts only as a firewall. It's easier, and there are enough addresses.
I tried this. It doesn't work. First, which ISPs give you the static IPv6 blocks? Its pretty easy (for $10/month) to get a block of IPv4, but I had a hard time getting anyone to find any free IPv6 addresses (oddly).
