+ Below is a variation for also providing IPv6 NAT. This can be + especially useful when using multiple interfaces where some, + such as WiFi cards, can not be bridged (usually on a laptop), + making it difficult to provide end-to-end IPv6 routing. +
+ ++<network> + <name>default6</name> + <bridge name="virbr0"/> + <forward mode="nat"> + <nat ipv6='yes'> + <port start='1024' end='65535'/> + </nat> + + <ip address="192.168.122.1" netmask="255.255.255.0"> + <dhcp> + <range start="192.168.122.2" end="192.168.122.254"/> + </dhcp> + </ip> + <ip family="ipv6" address="fdXX:XXXX:XXXX:NNNN:: prefix="64"/> + </ip> +</network>+ +
IPv6 NAT addressing has some caveats over the more straight + forward IPv4 case. + RFC 4193 + defines the address range fd00::/8 for /48 IPv6 + private networks. It should be concatenated with a random 40-bit + string (i.e. 10 random hexadecimal digits replacing the X + values above, RFC 4193 provides + an algorithm + if you do not have a source of sufficient randomness). This + leaves 0 through ffff for subnets (N + above) which you can use at will.
+ +Many operating systems will not consider these addresses as + preferential to IPv4, due to some practial history of these + addresses being present but unroutable and causing networking + issues. On many Linux distributions, you may need to + override /etc/gai.conf with values + from RFC 3484 + to have your IPv6 NAT network correctly preferenced over IPv4.
+