e Video also does, but of course only if you're streaming to an
>> IPv6-capable device.
>>
>> https://www.vyncke.org/ipv6status/detailed.php?country=us
>> <https://www.vyncke.org/ipv6status/detailed.php?country=us>
>>
>> Definitely some laggards, but if y
https://www.google.com/intl/en/ipv6/statistics.html
On Tue, Oct 8, 2024 at 1:19 PM Jon Lewis wrote:
> I'm not so sure about that. Our customers are all offered dual-stack
> (DHCPv6, DHCPv6-PD). Do any of the common streaming services support v6
> yet? Last I checked, Hulu did not.
>
> On Tu
Hi Jon,
Are you dual stack? v6 would solve some of these issues?
On Tue, Oct 8, 2024 at 12:20 PM Jon Lewis wrote:
> We started rolling out CGNAT about 6 months ago. It was smooth sailing
> for the first few months, but we eventually did run into a number of
> issues.
>
> Our customer base i
e
>
> -Original Message-
> From: NANOG <mailto:hilcostreambank@nanog.org>> On Behalf Of Lucien Hoydic via NANOG
> Sent: Tuesday, October 8, 2024 5:04 PM
> To: nanog@nanog.org <mailto:nanog@nanog.org>
> Subject: Re: CGNAT growing pains
>
> This
Lee
-Original Message-
From: NANOG On Behalf
Of Lucien Hoydic via NANOG
Sent: Tuesday, October 8, 2024 5:04 PM
To: nanog@nanog.org
Subject: Re: CGNAT growing pains
This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links
and attachments.
Anyone know the penetra
First, roll out IPv6 if you haven't yet. That should relieve a lot of pressure
on your pool size, and gives customers a workaround for some of the weird
things ("Use the IPv6 address instead of IPv4.").
Second, build your own geofeed. You can create a CSV providing as much detail
as you want, d
8, 2024 5:04 PM
To: nanog@nanog.org
Subject: Re: CGNAT growing pains
This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links
and attachments.
Anyone know the penetration rate of IPV6 for home users (cable modem)? I know
that some of the CPE doesn't even properly
Anyone know the penetration rate of IPV6 for home users (cable modem)? I know
that some of the CPE doesn't even properly support IPV6 such as the stuff being
handed out by RCN/Astound.
We just got our IPV6 allocation from ARIN and everything here is now dual
stack. Was relatively painless.
O
You may have run in to this, but Hulu also limits (or they were before I
canceled the service personally) the number of “homes” you can use it at,
and they tracked this by IP. So, if your customer’s IP changes more than a
few times a year they will not be able to use the service they’re paying
for.
We have ~60,000 subs on ftth, dsl and cable modem, behind several
Juniper MX routers MX960's with MS-MPC-128G (ftth and cm) and MX104
with MS-MIC-16G (dsl) and doing well. We a had some growing pains,
issues, but were resolved with, app, eim, eif, and source ip load
balancing on AMS interf
On 10/8/24 1:19 PM, Jon Lewis wrote:
I'm not so sure about that. Our customers are all offered dual-stack
(DHCPv6, DHCPv6-PD). Do any of the common streaming services support
v6 yet? Last I checked, Hulu did not.
I just checked and it looks like Youtube and Netflix do which is a
pretty g
I'm not so sure about that. Our customers are all offered dual-stack
(DHCPv6, DHCPv6-PD). Do any of the common streaming services support v6
yet? Last I checked, Hulu did not.
On Tue, 8 Oct 2024, Michael Thomas wrote:
Hi Jon,
So is this easier than what the mobile carriers are doing -- 46
Hi Jon,
So is this easier than what the mobile carriers are doing -- 464xlat,
isn't it? Probably a sizeable portion of the traffic would be running
native v6, right? Obviously it wouldn't run into these sorts of problems.
Mike
On 10/8/24 12:19 PM, Jon Lewis wrote:
We started rolling out CGNA
We have had very good success with A10 vthunder on rural broadband
co-op networks for Resi subscribers. No problems with the NAT aspect,
literally 0. Operationally it just works. Games, streaming, xbox,
nintendo switch, all just works.
We typically do 32:1 or about 2000 udp/tcp ports allocated
@nanog.org] On
Behalf Of Masataka Ohta
Sent: Thursday, March 31, 2022 3:56 AM
To: nanog@nanog.org
Subject: Re: CGNAT scaling cost (was Re: V6 still not supported)
Vasilenko Eduard via NANOG wrote:
> CGNAT cost was very close to 3x compared to routers of the same
> performance.
That sho
Vasilenko Eduard via NANOG wrote:
CGNAT cost was very close to 3x compared to routers of the
same performance.
That should be because you are comparing cost of carrier,
that is telco, grade NAT and consumer grade routers.
Remember the cost of carrier grade datalink of SONET/SDH.
t possible for a big system?) then
the port cost would start from 2x (+ common components).
Eduard
-Original Message-
From: Jared Brown [mailto:nanog-...@mail.com]
Sent: Wednesday, March 30, 2022 8:17 PM
To: Vasilenko Eduard
Cc: nanog@nanog.org
Subject: Re: RE: CGNAT scaling cost (was V6
Hi Eduard,
Do I interpret your findings correctly, if this means that CGNAT costs scale
more or less linearly with traffic growth over time?
And as a corollary, that the cost of scaling CGNAT in itself isn't likely a
primary driver for IPv6 adoption?
- Jared
Vasilenko Eduard wrote:
>
> CGNA
CGNAT cost was very close to 3x compared to routers of the same performance.
Hence, 1 hop through CGNAT = 3 hops through routers.
3 router hops maybe the 50% of overall hops in the particular Carrier (or even
less).
DWDM is 3x more expensive per hop. Fiber is much more expensive (greatly varies
We thought about it for a while at the ISP where I work, and went with Juniper
MX960's w/MS-MPC-128G. Been working quite nice for us.
Initially, we went with smaller MX104 w/MS-MIC-16G to prove it out on our
~4,000 lower bandwidth DSL customers... when convinced, we then went all in
with multi
ia 7750's with ESA "cards" are a massively scalable
option.
-Original Message-
From: NANOG On Behalf Of Kevin Burke
Sent: Thursday, 4 March 2021 6:42 am
To: Jared Brown ; nanog@nanog.org
Subject: Re: CGNAT
Can you share your cost comparison?
oreseeable future.
To echo Owen, in general, the economics today still work out to make
purchasing addresses more favorable than CGNAT.
- Jared
Sent: Tue Feb 2314:36:48 UTC 2021
From: Kevin Burke kburke at burlingtontelecom.com
To: nanog@nanog.org
Subject: Re: CGNAT
Sent: Tue Feb 2314:36:48 UTC 2021
From: Kevin Burke kburke at burlingtontelecom.com
To: nanog@nanog.org
Subject: Re: CGNAT
We are looking at implementing a similar solution with A10 for CGNAT.
We've been in touch with A10. Just wondering if there are some alternative
vendors that anyone
ying CGNAT without first deploying IPv6 are burning cash.
Yep.
I still think that implementing CGN is a good way to burn cash vs. the
alternatives, but YMMV.
Owen
>
> - Jima
>
> From: NANOG On Behalf Of Owen DeLong
> Sent: Sunday, February 21, 20
g
> Sent: Sunday, February 21, 2021 16:59
> To: Steve Saner
> Cc: nanog@nanog.org
> Subject: Re: CGNAT
>
>
> On Feb 18, 2021, at 8:38 AM, Steve Saner wrote:
>
>> We are starting to look at CGNAT solutions. The primary motivation at the
>> moment is to extend cur
; Sent: Saturday, 20 February 2021, 9:04 am
>> To: Steve Saner
>> Cc: nanog@nanog.org
>> Subject: Re: CGNAT
>>
>> Why not go whole hog and provide IPv4 as a service? That way you are not
>> waiting for your customers to turn up IPv6 to take the load off your
2021, 9:04 am
> To: Steve Saner
> Cc: nanog@nanog.org
> Subject: Re: CGNAT
>
> Why not go whole hog and provide IPv4 as a service? That way you are not
> waiting for your customers to turn up IPv6 to take the load off your NAT box.
>
> Yes, you can do it dual stack but yo
Hi Steve
We are looking at implementing a similar solution with A10 for CGNAT.
We've been in touch with A10. Just wondering if there are some alternative
vendors that anyone would recommend. We'd probably be looking at a solution to
support 5k to 15k customers and bandwidth up to around 30-40 g
Pv6 are burning cash.
- Jima
From: NANOG On Behalf Of Owen DeLong
Sent: Sunday, February 21, 2021 16:59
To: Steve Saner
Cc: nanog@nanog.org
Subject: Re: CGNAT
On Feb 18, 2021, at 8:38 AM, Steve Saner wrote:
> We are starting to look at CGNAT solutions. The primary motivation at the
> m
> On Feb 18, 2021, at 8:38 AM, Steve Saner wrote:
>
> We are starting to look at CGNAT solutions. The primary motivation at the
> moment is to extend current IPv4 resources, but IPv6 migration is also a
> factor.
IPv6 Migration is generally not aided by CGNAT.
In general, the economics toda
On 19/02/2021 20:11, Tony Wicks wrote:
> Because then a large part of the Internet won't work
Hey, look on the bright side: customers won't be able to use Twitter to
complain! :D
Ofc, IPv4aaS has many good success stories out there; Sky Italia are
running MAP-T, many, many mobile ISPs are run
ay, 20 February 2021, 9:04 am
> To: Steve Saner
> Cc: nanog@nanog.org
> Subject: Re: CGNAT
>
> Why not go whole hog and provide IPv4 as a service? That way you are not
> waiting for your customers to turn up IPv6 to take the load off your NAT box.
>
> Yes, you can do it d
From: NANOG on behalf of Mark
Andrews
Sent: Saturday, 20 February 2021, 9:04 am
To: Steve Saner
Cc: nanog@nanog.org
Subject: Re: CGNAT
Why not go whole hog and provide IPv4 as a service? That way you are not
waiting for your customers to turn up IPv6 to take the load off your NAT box.
Yes
Because then a large part of the Internet won't workFrom: NANOG on behalf of Mark Andrews Sent: Saturday, 20 February 2021, 9:04 amTo: Steve SanerCc: nanog@nanog.orgSubject: Re: CGNATWhy not go whole hog and provide IPv4 as a service? That way you are not waiting for your customers to turn up
Why not go whole hog and provide IPv4 as a service? That way you are not
waiting for your customers to turn up IPv6 to take the load off your NAT box.
Yes, you can do it dual stack but you have waited so long you may as well miss
that step along the deployment path.
--
Mark Andrews
> On 20 Feb
Not the Cheapest option out there but the most rock solid one I have found is
to install the extended service/multi service cards in the BNG and do it
locally there. We are currently using both Juniper MX480/960 with MS-MPC cards
and Nokia 7750 SR with ISA or ESA cards. Its also well worth runni
I recommend you to take a look at DANOS.
https://danosproject.atlassian.net/wiki/spaces/DAN/pages/416153601/Carrier+Grade+NAT+CGNAT
- A very active open-source project.
- Sponsored by AT&T.
- Uses Vyatta (and DPDK for good performance)
- The Routing Engine is based on FRR.
- Syntax sounds like Ju
On 7/Jul/20 19:23, JORDI PALET MARTINEZ via NANOG wrote:
>
>
> There was, long time ago, something developed by ISC, but I think
> never completed and not updated …
>
>
>
> 464XLAT is always a solution and becomes much cheaper, than CGN from
> vendors, even if you need to replace the CPEs. I
> On 8 Jul 2020, at 03:23, JORDI PALET MARTINEZ via NANOG
> wrote:
>
> Hi Douglas,
>
> There was, long time ago, something developed by ISC, but I think never
> completed and not updated …
ISC did a DS-LITE implementation called AFTR. This can be found at:
https://ftp.is
As someone who has spent quite a long time building CGNAT solutions I have some
good news for you, there is an easy solution to your below point that works
exceptionally well. The solution is dual stack IPv6, its trivial to route your
IPv6 to bypass the CGNAT device you are using and pretty much
DANOS 2005 seems to support a lot of your requirements.
https://danosproject.atlassian.net/wiki/spaces/DAN/pages/320634926/DANOS+2005+Release+Notes
So if you have an x86 box with supported NICS you should be able to get
some decent performance from it.
The major gotcha in this release is I think
Hi Douglas,
There was, long time ago, something developed by ISC, but I think never
completed and not updated …
464XLAT is always a solution and becomes much cheaper, than CGN from vendors,
even if you need to replace the CPEs. I’m doing that now with 25.000.000
subscribers … (slowed dow
Ca By wrote:
The proper number to be considered should be percentage of IPv6
hosts which can not communicate with IPv4 only hosts.
Isn't it 0%?
I think you agree with me, here.
For those of us running networks, especially growing networks, uniquely
numbering hosts is our goal and ipv6 fits
And more and more CPE providers support it.
See RFC8585.
I inititally started using OpenWRT, but now I already got samples from several
vendors.
Regards,
Jordi
@jordipalet
El 30/4/20 6:16, "NANOG en nombre de Ca By" escribió:
On Wed, Apr 29, 2020 at 7:17 PM Brand
On Wed, Apr 29, 2020 at 7:17 PM Brandon Martin
wrote:
> On 4/29/20 10:12 PM, William Herrin wrote:
> >> What allows them to work with v6 in such an efficient manner?
> > A piece of client software is installed on every phone that presents
> > an IPv4 address to the phone and then translates packe
On Wed, Apr 29, 2020 at 7:46 PM Masataka Ohta <
mo...@necom830.hpcl.titech.ac.jp> wrote:
> Ca By wrote:
>
> >>>You can't eliminate that unless the CPE also knows what internal
> port
> >>> range it's mapped to so that it restricts what range it uses. If you
> >>> can do that, you can get rid
Ca By wrote:
You can't eliminate that unless the CPE also knows what internal port
range it's mapped to so that it restricts what range it uses. If you
can do that, you can get rid of the programmatic state tracking entirely
and just use static translations for TCP and UDP which, while nice,
On 4/29/20 10:12 PM, William Herrin wrote:
What allows them to work with v6 in such an efficient manner?
A piece of client software is installed on every phone that presents
an IPv4 address to the phone and then translates packets to IPv6 for
relay over the network. This works because T-Mobile h
On Wed, Apr 29, 2020 at 5:27 PM Thomas Scott wrote:
> > cell-phone environment. A classic small ISP fills a different niche.
>
> I've dealt with traditional cable and fiber SP environments, but I'm curious
> how the architecture differs so drastically with T-Mobile to allow v6 to work
> so seaml
On Wed, Apr 29, 2020 at 7:19 AM Ca By wrote:
> Since we are talking numbers ans hard facts
>
> 42% of usa accesses google on ipv6
>
> https://www.google.com/intl/en/ipv6/statistics.html
Be careful with those stats; they might not be telling you what you
think they are. For example, phone clients
cern.
-Aaron
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Robert Blayzor
Sent: Wednesday, April 29, 2020 9:14 AM
To: nanog@nanog.org
Subject: Re: CGNAT Solutions
On 4/28/20 11:01 PM, Brandon Martin wrote:
> Depending on how many IPs you need to reclaim and
On Wed, 29 Apr 2020, Robert Blayzor wrote:
So as a happy medium of about 2048 ports per subscriber, that's roughly
a 32:1 NAT/IP over-subscription ?
Yes, around that.
--
Mikael Abrahamssonemail: swm...@swm.pp.se
Thank you everyone for the suggestions.
To clarify small ISP.
12K subscribers
35 Gigs traffic at peak.
Growing about 500 megs per month traffic.
John
On Tue, Apr 28, 2020 at 3:12 PM John Alcock wrote:
> Afternoon,
>
> I run a small ISP in Tennessee. COVID has forced a lot of people to work
On 4/29/20 10:29 AM, Mikael Abrahamsson wrote:
> There are some numbers in there for instance talking about 1024 ports
> per subscriber as a good number. In presentations I have seen over time,
> people typically talk about 512-4096 as being a good number for the bulk
> port allocation size.
So a
I haven't used them, but 6-WIND is pretty proud of their CGNAT performance.
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
- Original Message -
From: "John Alcock"
To: nanog@nanog.org
Sent: Tuesday, April 28, 20
On Wed, 29 Apr 2020, Robert Blayzor wrote:
One would think a 1000 ports would be enough, but if you have a dozen
devices at home all browsing and doing various things, and with IOT,
etc, maybe not?
https://www.juniper.net/documentation/en_US/junos/topics/concept/nat-best-practices.html
There
How big is your ip pool for CGNAT?
On Wed, Apr 29, 2020 at 10:17 AM Robert Blayzor
wrote:
> On 4/28/20 11:01 PM, Brandon Martin wrote:
> > Depending on how many IPs you need to reclaim and what your target
> > IP:subscriber ratio is, you may be able to eliminate the need for a lot
> > of logging
hey,
I'm wondering if there are any real world examples of this, namely in
the realm of subscriber to IP and range of ports required, etc. ie: Is
is a range of 1000 ports enough for one residential subscriber? How
about SMB where no global IP is required.
One would think a 1000 ports would be
On Wed, Apr 29, 2020 at 1:06 AM Masataka Ohta <
mo...@necom830.hpcl.titech.ac.jp> wrote:
> Brandon Martin wrote:
>
> >> If you mean getting rid of logging, not necessarily. It is enough if
> >> CPEs are statically allocated ranges of external port numbers.
> >
> > Yes, you can get rid of the loggi
On 4/28/20 11:01 PM, Brandon Martin wrote:
> Depending on how many IPs you need to reclaim and what your target
> IP:subscriber ratio is, you may be able to eliminate the need for a lot
> of logging by assigning a range of TCP/UDP ports to a single inside IP
> so that the TCP/UDP port number implie
Brandon Martin wrote:
If you mean getting rid of logging, not necessarily. It is enough if
CPEs are statically allocated ranges of external port numbers.
Yes, you can get rid of the logging by statically allocating ranges of
port numbers to a particular customer.
And, that was the original
On 4/29/20 2:35 AM, Masataka Ohta wrote:
If you mean getting rid of logging, not necessarily. It is enough if
CPEs are statically allocated ranges of external port numbers.
Yes, you can get rid of the logging by statically allocating ranges of
port numbers to a particular customer.
What I w
Brandon Martin wrote:
You can't get rid of all the state tracking without also having the CPE
know which ports to use
If you mean getting rid of logging, not necessarily. It is enough if
CPEs are statically allocated ranges of external port numbers.
On 4/28/20 4:53 PM, William Herrin wrote:
How small is small? Up to a certain size regular NAT with enough
logging to trace back abusers will tend to work fine. if we're talking
single-digit gbps, it may not be worth the effort to consider the
wonderful world of CGNAT.
Depending on how many IPs
Take a look at DANOS for CG-NAT as a free solution or Netgate's TNSR has a
CG-NAT feature https://www.tnsr.com/features
On Tue, Apr 28, 2020 at 2:57 PM JORDI PALET MARTINEZ via NANOG <
nanog@nanog.org> wrote:
> I will say it is much better to consider 464XLAT with NAT64, if the CPEs
> allow it.
>
I will say it is much better to consider 464XLAT with NAT64, if the CPEs allow
it.
https://datatracker.ietf.org/doc/rfc8683/
I’m right now doing a deployment for 25.000.000 customers of an ISP (GPON, DLS
and cellular mix), all the testing has been done, and all doing fine.
I’ve done i
On Tue, Apr 28, 2020 at 12:12 PM John Alcock wrote:
> I run a small ISP in Tennessee. I am starting to run low on IP's and need to
> consider CGNAT.
Hi John,
How small is small? Up to a certain size regular NAT with enough
logging to trace back abusers will tend to work fine. if we're talking
Hi John, I run a small/medium ISP in Texas. A few years ago, needing to do the
same thing you are speaking of, I lab evaluated the Cisco ASR9k VSM-500 and
Juniper MX104 MS-MIC-16G… in the end I went with Juniper. No regrets, been
good and holding strong. I’ve scaled it way beyond what I origi
Just go with Linux and iptables. It is by far the cheapest option and it
just works.
tir. 28. apr. 2020 21.13 skrev John Alcock :
> Afternoon,
>
> I run a small ISP in Tennessee. COVID has forced a lot of people to work
> from home. I am starting to run low on IP's and need to consider CGNAT.
--
UDP256.256.191.133:12998 -> 256.256.130.4:80 Drop O
1
UDP256.256.191.133:2 -> 256.256.130.4:80 Drop O
1
- Aaron
-Original Message-
From: Compton, Rich A [mailto:rich.comp...@charter.com]
pton, Rich A [mailto:rich.comp...@charter.com]
Sent: Thursday, April 6, 2017 3:49 PM
To: Aaron Gould; 'Ahmed Munaf'; 'Nanog@Nanog'
Subject: Re: CGNAT
Hi Aaron, thanks for the info. I¹m curious what you or others do about
DDoS attacks to CGNAT devices. It seems that a single
while many web sites and apps don't support
> IPv4, enough do that it relieves some pressure on your CGN.
>
> Lee
>>
>> - Aaron
>>
>>
>> From: Michael Crapse [mailto:mich...@wi-fiber.io]
>> Sent: Tuesday, February 27, 2018 11:19 AM
>> To: Mi
n your CGN.
Lee
- Aaron
From: Michael Crapse [mailto:mich...@wi-fiber.io]
Sent: Tuesday, February 27, 2018 11:19 AM
To: Mike Hammett
Cc: Aaron Gould; NANOG list
Subject: Re: cgnat - how do you handle customer issues
For number 2, I'm a fan of what mike suggests. I believe the te
On 02/27/2018 11:30 AM, Aaron Gould wrote:
Couple questions please. When you put thousands of customers behind a cgnat
boundary, how do you all handle customer complaints about the following.
1 - for external connectivity to the customers premise devices, not being
able to access web serv
54
To: 'Michael Crapse'; 'Mike Hammett'
Cc: 'NANOG list'
Subject: RE: cgnat - how do you handle customer issues
Thanks
For #2 – what if the ports allocated aren’t enough for the amount of inet
traffic the customer site uses ? …is the customer denied service based on
?
- Aaron
From: Michael Crapse [mailto:mich...@wi-fiber.io]
Sent: Tuesday, February 27, 2018 11:19 AM
To: Mike Hammett
Cc: Aaron Gould; NANOG list
Subject: Re: cgnat - how do you handle customer issues
For number 2, I'm a fan of what mike suggests. I believe the technical term is
For number 2, I'm a fan of what mike suggests. I believe the technical term
is MAP-T.
For number 1, anyone who wants one, gets one. We provide free public static
IP to any customer who asks for one. Another solution, using above solution
is to ask them which ports they need, and forward those to th
I'm a fan of nailing each customer IP to a particular range of ports on a given
public IP. Real easy to track who did what and to prevent shifting IPs.
-
Mike Hammett
Intelligent Computing Solutions
Midwest Internet Exchange
The Brothers WISP
- Original Message -
From: "A
With a ~59% dual-stack percentage and a 8% ds-lite percentage (aka 67%
of our subscriber base has IPv6), we get around 40% of IPv6 traffic.
--
Tassos
Radu-Adrian Feurdean wrote on 10/4/2017 1:11 μμ:
> On Fri, Apr 7, 2017, at 20:03, Mikael Abrahamsson wrote:
>> On Fri, 7 Apr 2017, Max Tulyev wrote
On Fri, Apr 7, 2017, at 20:03, Mikael Abrahamsson wrote:
> On Fri, 7 Apr 2017, Max Tulyev wrote:
>
> > BTW, does somebody check how implementing a native IPv6 decrease actual
> > load of CGNAT?
>
> Reports are that 30-50% of traffic will be IPv6 when you enable dual
> stack. This would be traffi
A lot depends on the CGNAT features you are looking to support, some
considerations:
- Are you looking for port block allocation for bulk logging, where a given
subscriber is given a block of source TCP/UDP ports on a translated IP
address
- How many translations and session rate are you looking t
Hi Aaron, thanks for the info. I¹m curious what you or others do about
DDoS attacks to CGNAT devices. It seems that a single attack could affect
the thousands of customers that use those devices. Also, do you have
issues detecting attacks vs. legitimate traffic when you have so much
traffic dest
I can confirm that percentage (at least with residential customer base).
All big content providers and a number of CDNs will do IPv6 by default. One
thing that will heavily affect this is the CPE equipment (which might not
have IPv6 enabled or even be capable of it).
kind regards
Pshem
On Sat, 8
Thanks Max, I've thought about that and tested some ipv6 (6vpe, mpls l3vpn
w/ipv6 dual stacked) in my network.
In my CGNAT testing for my 7,000 dsl customers, I've already tested the
inter-vrf route leaks that will be required for ipv6-flow-around to bypass
the IPv4 CGNAT boundary so, I have t
On Fri, 7 Apr 2017, Max Tulyev wrote:
BTW, does somebody check how implementing a native IPv6 decrease actual
load of CGNAT?
Reports are that 30-50% of traffic will be IPv6 when you enable dual
stack. This would be traffic that will not traverse your CGNAT.
--
Mikael Abrahamssonemail: s
BTW, does somebody check how implementing a native IPv6 decrease actual
load of CGNAT?
On 06.04.17 23:33, Aaron Gould wrote:
> Last year I evaluated Cisco ASR9006/VSM-500 and Juniper MX104/MS-MIC-16G in
> my lab.
>
> I went with MX104/MS-MIC-16G. I love it.
>
> I deployed (2) MX104's. Each MX
Thanks Rich, you bring up some good points. Yes it would seem that an
attack aimed at a target IP address would in-fact now have a greater surface
since that IP address is being used by many people. When we
remotely-trigger-black-hole (RTBH) route an ip address (/32 host route) into
a black hole
Last year I evaluated Cisco ASR9006/VSM-500 and Juniper MX104/MS-MIC-16G in
my lab.
I went with MX104/MS-MIC-16G. I love it.
I deployed (2) MX104's. Each MX104 has a single MX-MIC-16G card in it. I
integrated this CGNAT with MPLS L3VPN's for NAT Inside vrf and NAT outside
vrf. Both MX104's le
Hello Ahmad,I am using F5 for CGNAT, right now 250K subscriber
with 28Gbps bandwidth, I will double it with the second appliance easily
soon.Its high performance and I like it.Any time Any QuestionThanks
I had given some numbers for PBA in
http://puck.nether.net/pipermail/cisco-nsp/2016-February/101908.html
--
Tassos
Adam wrote on 23/11/16 23:17:
> I'm crunching the numbers on the cost effectiveness of implementing CGN vs
> IPv4 auctions. The determining factor is how many ephemeral ports are
>
Don't try detereministic NAT, it's not worth it. You'll waste a lot of
port capacity on most users, and it might still be problematic for power
users.
Just try to match one user to one real IP, many sites/applications don't
like when there are several requests from one user with different IPs.
On Thu, Nov 24, 2016 at 7:05 PM Adam wrote:
> I'm crunching the numbers on the cost effectiveness of implementing CGN vs
> IPv4 auctions. The determining factor is how many ephemeral ports are
> reserved for each customer. This is for a residential broadband
> environment.
>
> Is anybody doing de
92 matches
Mail list logo
