IPv6 and NAT question (hiding address for security reasons)
I know that with IPv6 we should not worry with lack of IP addresses and therefore NAT is not needed from a conservation of IP address space perspective.
From a security perspective, in my view it is still valuable to see internal IP address range hidden from the outside, so that unathorized external users and potencial attackers could not detect the internal IP address range so easily in order to conduct exploits.
That said, assuming a pure IPv6 environment in the future, what is the practical plan and technique people are using to 'hide' internal IPv6 address space?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...