With IPv6 there is almost no need for a NAT, since the principle reason for a NAT in an IPv4 world is helping the available addresses go further. Instead of using NATs for your private network you will be allocated a subnet, which is accessible from the outside world (if your router permits).
Basically your address gets assigned the first n bytes of the network address and you are free to choose what you do with the remaining bytes. Typically what will happen is that the remaining bytes are worked out automatically based on the MAC address of the network interface. Typically a /48 is assigned. This /48 is called a site. Sites are generally behind a network endpoint, eg a DSL modem, Ethernet connection or a tunnel. A single site consists of a network under the same administrative control.
When you are assigned the site prefix:
then you could tell your router that you have:
so that it assigns by default a subnet with id (any pair of colons indicate zero values between them):
If you have a client host on that network, whose interface has the MAC address:
then it's EUI-64 address is:
it's IPv6 link-local address will be:
then it's subnet address will become:
What happens here is that the MAC address, used as the interface identifier, is appended to the subnet prefix. The interface identifier is specified in 'Modified EUI-64' format (described in RFC 3587), so the values are transformed based on that format.
Note that the above describes a typical scenario which uses router advertisements. In a network using DHCPv6 the described approach will be similar, except the part of the address which uses the MAC address may be replaced with a suffix assigned by the DHCPv6 server.
A /48 contains 65536 /64's. As such you could make a very large network. This /48 contains:
0 2001:db8:18a:0000::/64 (also written as 2001:db8:18a::/64) 1 2001:db8:18a:0001::/64 (............... 2001:db8:18a:1::/64) 2 2001:db8:18a:0002::/64 (............... 2001:db8:18a:2::/64) ...................... 14 2001:db8:18a:000e::/64 15 2001:db8:18a:000f::/64 16 2001:db8:18a:0010::/64 (............... 2001:db8:18a:10::/64) 17 2001:db8:18a:0011::/64 (............... 2001:db8:18a:11::/64) 18 2001:db8:18a:0012::/64 ...................... 65534 2001:db8:18a:fffe::/64 65535 2001:db8:18a:ffff::/64 (............... 2001:db8:18a:ffff::/64)
All these subnets are available for your use, and you can pick them in any order that you want. Thus you don't have to use 2001:db8:18a::/64, you could also pick 2001:db8:18a:feed::/64.
Due to the sheer number of addresses per site, it is nearly impossible to scan every IP as it would take several hundred years to scan even at Gbit linespeeds.