CGNAT - Seeking Real World Experience
I'm crunching the numbers on the cost effectiveness of implementing CGN vs IPv4 auctions. The determining factor is how many ephemeral ports are reserved for each customer. This is for a residential broadband environment.
Is anybody doing deterministic NAT/PAT (i.e. each customer gets X ports - no more, no less)? My thinking is that X=8192 would cover even the power users. However, with only 8 customers per public IPv4 address, CGN is not worth the trouble. With X=8192, our money and time would better be spent acquiring additional IPv4 space. Are people successfully using a smaller deterministic port allocation? What's your X?
If I can't make the numbers work for deterministic NAT, I might be able to live with dynamic port assignments. Specifically, I'm referring to what vendor J calls "Port Block Allocation". I was thinking 1024 ports per block, with up to 8 blocks per customer (and a bunch of log correlation to determine who was using which ip:port tuple at a given datetime). I *can* make the math work out in favor of CGN if the average customer uses <= 3072 ports (3 blocks). But is that going to be enough? I'd love to hear other people's experiences.
Thanks! -Adam
On Thu, Nov 24, 2016 at 7:05 PM Adam <adamkuj@gmail.com> wrote:
> I'm crunching the numbers on the cost effectiveness of implementing CGN vs IPv4 auctions. The determining factor is how many ephemeral ports are reserved for each customer. This is for a residential broadband environment.
> Is anybody doing deterministic NAT/PAT (i.e. each customer gets X ports - no more, no less)? My thinking is that X=8192 would cover even the power users. However, with only 8 customers per public IPv4 address, CGN is not worth the trouble. With X=8192, our money and time would better be spent acquiring additional IPv4 space. Are people successfully using a smaller deterministic port allocation? What's your X?
> If I can't make the numbers work for deterministic NAT, I might be able to live with dynamic port assignments. Specifically, I'm referring to what vendor J calls "Port Block Allocation". I was thinking 1024 ports per block, with up to 8 blocks per customer (and a bunch of log correlation to determine who was using which ip:port tuple at a given datetime). I *can* make the math work out in favor of CGN if the average customer uses <= 3072 ports (3 blocks). But is that going to be enough? I'd love to hear other people's experiences.
> Thanks! -Adam
We see around 70% of traffic using IPv6 (goog, fb, netflix, ... now cloudfront and Cloudflare), that takes a lot of the sting out of CGN cost.
CB
Don't try deterministic NAT, it's not worth it. You'll waste a lot of port capacity on most users, and it might still be problematic for power users. Just try to match one user to one real IP, many sites/applications don't like when there are several requests from one user with different IPs. After that just stack as many users on one IP as you can and that's it. It's the only way CGN can be worth the trouble. If you really need to know who was using which port, just log them and correlate them when/if the need arises.
On 24.11.2016 00:17, Adam wrote:
> I'm crunching the numbers on the cost effectiveness of implementing CGN vs IPv4 auctions. The determining factor is how many ephemeral ports are reserved for each customer. This is for a residential broadband environment.
> Is anybody doing deterministic NAT/PAT (i.e. each customer gets X ports - no more, no less)? My thinking is that X=8192 would cover even the power users. However, with only 8 customers per public IPv4 address, CGN is not worth the trouble. With X=8192, our money and time would better be spent acquiring additional IPv4 space. Are people successfully using a smaller deterministic port allocation? What's your X?
> If I can't make the numbers work for deterministic NAT, I might be able to live with dynamic port assignments. Specifically, I'm referring to what vendor J calls "Port Block Allocation". I was thinking 1024 ports per block, with up to 8 blocks per customer (and a bunch of log correlation to determine who was using which ip:port tuple at a given datetime). I *can* make the math work out in favor of CGN if the average customer uses <= 3072 ports (3 blocks). But is that going to be enough? I'd love to hear other people's experiences.
> Thanks! -Adam
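The log correlation mentioned in the messages above, as an added example (not code from the thread or from any vendor): resolving a public ip:port and timestamp back to a subscriber from port-block allocation records, including the case where a block changed hands near the reported time. The record layout, subscriber IDs, addresses and the `skew_s` parameter are constructed assumptions; real PBA log formats differ by vendor.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address

BLOCK_SIZE = 1024  # ports per block, the size proposed in the thread

# Constructed sample PBA log (not real data):
# (subscriber, public IP, first port of block, allocated, released or None if still held)
PBA_LOG = [
    ("sub-1001", "203.0.113.7", 1024, "2016-11-24T18:00:00", "2016-11-24T19:30:00"),
    ("sub-1002", "203.0.113.7", 2048, "2016-11-24T18:05:00", None),
    ("sub-1003", "203.0.113.7", 1024, "2016-11-24T19:45:00", None),  # block reused
    ("sub-1002", "203.0.113.7", 3072, "2016-11-24T20:00:00", None),  # second block
]

def _ts(text):
    return datetime.fromisoformat(text)

def who_had(public_ip, port, when, log=PBA_LOG, skew_s=0):
    """Subscribers whose block covered public_ip:port at `when`.

    skew_s widens every allocation window by the clock error you are
    willing to assume between the reporter's timestamp and the CGN log.
    """
    ip, ts, skew = ip_address(public_ip), _ts(when), timedelta(seconds=skew_s)
    hits = set()
    for sub, pub, first, alloc, rel in log:
        if ip_address(pub) != ip or not first <= port < first + BLOCK_SIZE:
            continue
        start = _ts(alloc) - skew
        end = _ts(rel) + skew if rel else datetime.max
        if start <= ts <= end:
            hits.add(sub)
    return sorted(hits)

def attribute(public_ip, port, when, skew_s=0):
    """Return one subscriber, or None when the answer is empty or ambiguous."""
    hits = who_had(public_ip, port, when, skew_s=skew_s)
    return hits[0] if len(hits) == 1 else None

if __name__ == "__main__":
    print(attribute("203.0.113.7", 1500, "2016-11-24T18:30:00"))            # one holder
    print(who_had("203.0.113.7", 1500, "2016-11-24T19:40:00", skew_s=900))  # hand-over
```

A timestamp that falls within the assumed skew of a block hand-over matches two subscribers, which is why `attribute` refuses to pick one.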
I had given some numbers for PBA in http://puck.nether.net/pipermail/cisco-nsp/2016-February/101908.html
--
Tassos
Adam wrote on 23/11/16 23:17:
> I'm crunching the numbers on the cost effectiveness of implementing CGN vs IPv4 auctions. The determining factor is how many ephemeral ports are reserved for each customer. This is for a residential broadband environment.
> Is anybody doing deterministic NAT/PAT (i.e. each customer gets X ports - no more, no less)? My thinking is that X=8192 would cover even the power users. However, with only 8 customers per public IPv4 address, CGN is not worth the trouble. With X=8192, our money and time would better be spent acquiring additional IPv4 space. Are people successfully using a smaller deterministic port allocation? What's your X?
> If I can't make the numbers work for deterministic NAT, I might be able to live with dynamic port assignments. Specifically, I'm referring to what vendor J calls "Port Block Allocation". I was thinking 1024 ports per block, with up to 8 blocks per customer (and a bunch of log correlation to determine who was using which ip:port tuple at a given datetime). I *can* make the math work out in favor of CGN if the average customer uses <= 3072 ports (3 blocks). But is that going to be enough? I'd love to hear other people's experiences.
> Thanks! -Adam
participants (4): Adam, Ca By, Stepan Kucherenko, Tassos Chatzithomaoglou