And just to reiterate, at no point did I claim that NAT is not possible with IPv6. It's just not necessary.
I was under the impression that NAT was regarded as a "bad thing" on IPv6, and that since everyone had a publicly routable address you shouldn't ever be using it.
I do get people's reticence to abandon the safety net of IPv4 NAT, but it's really as simple as dumping any packets that aren't on an "established" session on the firewall. Shit, Draytek do that straight out of the box (although they didn't initially - oops!)
My bugbear with IPv6 is that it was invented by somebody (or 1000 somebodies) looking at IPX with all of its autoconfiguration, and they pinched bits. But not enough to just let the client figure itself out. In the meantime we got stuff like DHCP for IPv4 and we're happy with that, but we suddenly have to configure using two mechanisms for IPv6? The firewall is absolutely the least of my worries...