[AusNOG] CGN limits

Michael Andreas Schipp MSchipp at a10networks.com
Sat Mar 2 15:54:53 EST 2013


John is correct - on top of a CGN deployment you can then enable port overloading.  This in effect give a much larger mapping to a single IP then 64K.

Port overloading allows a single NAT mapping to be used by more than one flow (inside user IP address and protocol port) when going to different destinations.

Thank you,

Michael A Schipp
Regional SE Manager ANZ
A10 Networks

Direct: 0402 907 928
Email: mschipp at a10networks.com<mailto:mschipp at a10networks.com>
WEB:     www.a10networks.com<http://www.a10networks.com/>
Twitter: @maschipp


From: John Edwards [mailto:jaedwards at gmail.com]
Sent: Saturday, 2 March 2013 1:34 PM
To: Michael Andreas Schipp
Cc: Paul Brooks; ausnog at lists.ausnog.net
Subject: Re: CGN limits

NAT doesn't have to be limited to 64Ki sessions per IP.

It's also possible to use the original destination IP as an identifier in the translation. This raises the limit to millions of sessions, or 64K per destination port/IP combo.

I've seen 270K simultaneous translations running through a single IP on commodity hardware. Not pretty, but it worked.

John


On 01/03/2013, at 11:13 PM, Michael Andreas Schipp <MSchipp at a10networks.com<mailto:MSchipp at a10networks.com>> wrote:
A /22 gives 1022 usable IPv4 address

CGN @ 1000 ports (64K per IP not using the well know ports) per user give 65408 subscribers - so is a /22 really that useless? I think not.

Note 1000 ports seems to be a safe number that we at A10 have used.  However in some GEOs we have used as low as 100 ports per user (due the whole county having next to no IPv4 space)

Yes the world as a whole should move to IPv6 - I think everybody agrees with that.

I see the process as;
Use CGN where it makes sense
Dual Stack
Use DS Lite, 6RD and MAP-E/I where you can (keeping in mind you need CPE's that can support that)
Native IPv6

Will we be keeping and supporting IPv4 for a VERY long time in my opinion.

Thank you,

Michael A Schipp
Regional SE Manager ANZ
A10 Networks

Direct: 0402 907 928
Email: mschipp at a10networks.com<mailto:mschipp at a10networks.com>
WEB:     www.a10networks.com<http://www.a10networks.com/>
Twitter: @maschipp


From: ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net> [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Paul Brooks
Sent: Friday, 1 March 2013 11:27 PM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] APNIC Slashes Costs for New Members

On 1/03/2013 11:08 PM, Damian Guppy wrote:
The apnic policy is just trying to make entry to the market cheaper for the small players, then they can try and be shrewed with their pittence or start making enough to afford a larger range.

Actually, I think the theory is that with a /22, a new entrant can use CGNAT and oversubscribe it 100:1 or whatever ratio turns out to be optimum and support a significant number of subscribers, without having to have a larger range at all.
It might work if you pick your target customers carefully.

Paul
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130302/43bf65b2/attachment.html>


More information about the AusNOG mailing list