OK, as someone with experience running CGNAT to fixed broadband customers in general, here are a few answers to common questions. This is based on the setup I use, in which CGNAT is done on the BNG (Cisco ASR1K6).

1. APNIC ran out of IPv4 a couple of years ago, so unless you want to pay USD $10+ per IP, CGNAT is the only option.
2. IPv6 is nice (dual stack), but the internet without IPv4 is not a viable thing; perhaps one day, but certainly not today. (I really hate clueless people who shout to the hills that IPv6 is the "solution" for today's internet access.)
3. 99.99% of customers don't notice they are transiting CGNAT; it just works.
4. You need to log NAT translations for LI purposes (IP source/destination, port source/destination, time). Surprisingly, this does not produce that big a database burden. However, as Cisco's NetFlow NAT logging is utterly useless, you need to use syslog, and this ramps up the ASR CPU a bit.
5. NAT translation timeouts are important; Xbox and PlayStation suck.
6. 10,000 customers = approximately 200,000 active translations and 1-2 /24s to be comfortable.
7. CGNAT protects your customers from all sorts of nasties like small DDoS attacks and attacks on their crappy CPE.
8. DDoS on CGNAT pool IPs are a pain in the rear and happen often.
9. In New Zealand we are not a state of the USA, so spammed DMCA emails can be redirected to /dev/null. If a rights holder wishes to have a potential violation investigated (translation logs), they need to pay a $25 fee, so in general they don't bother. Police need a search warrant, so they generally only ask for user info when they actually can justify it, so it's not a big overhead.
10. It is not uncommon for people who run some game servers and websites (like banks) to be completely clueless/confused about CGNAT and randomly block IPs as large numbers of users connect from a single IP. This is not a big issue in practice.

cheers
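To illustrate point 4, here is an added example (not part of the original post) of resolving a query against logged translations: given a pool IP:port and a time, find the inside address that held it. The log format, field order and addresses are constructed for illustration and are not Cisco's syslog format.

```python
from datetime import datetime

# Constructed sample records in an assumed format (not real ASR output).
# Fields: event, time, inside ip:port, pool ip:port, destination ip:port
SAMPLE_LOG = """\
ADD 2024-05-01T10:00:00Z 100.64.0.10:51000 192.0.2.1:2000 198.51.100.7:443
DEL 2024-05-01T10:05:00Z 100.64.0.10:51000 192.0.2.1:2000 198.51.100.7:443
ADD 2024-05-01T10:06:00Z 100.64.3.77:40000 192.0.2.1:2000 203.0.113.9:80
DEL 2024-05-01T10:09:00Z 100.64.3.77:40000 192.0.2.1:2000 203.0.113.9:80
ADD 2024-05-01T10:07:00Z 100.64.0.10:51001 192.0.2.1:2001 198.51.100.7:443
"""

def parse_ts(text):
    # fromisoformat() on older Pythons rejects a trailing "Z"
    return datetime.fromisoformat(text.replace("Z", "+00:00"))

def build_sessions(log_text):
    """Pair ADD/DEL events into translation lifetimes (end=None if still open)."""
    open_by_key, sessions = {}, []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event, ts, inside, pool, dest = line.split()
        key = (inside, pool, dest)
        if event == "ADD":
            session = {"inside": inside, "pool": pool, "dest": dest,
                       "start": parse_ts(ts), "end": None}
            open_by_key[key] = session
            sessions.append(session)
        elif event == "DEL" and key in open_by_key:
            open_by_key.pop(key)["end"] = parse_ts(ts)
    return sessions

def lookup(sessions, pool, when, dest=None):
    """Inside addresses that held pool ip:port at `when`, optionally to `dest`."""
    at = parse_ts(when)
    hits = []
    for s in sessions:
        if s["pool"] != pool or (dest and s["dest"] != dest):
            continue
        if s["start"] <= at and (s["end"] is None or at <= s["end"]):
            hits.append(s["inside"])
    return hits

if __name__ == "__main__":
    sessions = build_sessions(SAMPLE_LOG)
    print(lookup(sessions, "192.0.2.1:2000", "2024-05-01T10:03:00Z"))
    print(lookup(sessions, "192.0.2.1:2000", "2024-05-01T10:07:30Z"))
```

The same pool IP:port maps to two different subscribers four and a half minutes apart, which is why a request without an accurate timestamp and port cannot be resolved to a customer.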